How Cybercriminals Exploit Identity Data to Commit Business Loan Fraud

Cybercriminals are increasingly targeting business lending platforms and alternative lenders. As financial services have embraced digital onboarding procedures, automated verification tools, and cloud-based underwriting systems, cybercriminals have more chances to commit loan fraud with stolen identity data, especially Social Security numbers (SSNs).

Recently, news story of a data breach at Byzfunder NY LLC indicated that the private information, including personal names and Social Security numbers, of customers had been exposed. Although the investigation is still ongoing, this incident is an indication of how identity data linked to business financing is becoming a transactional currency for cybercriminals. Cybercriminals find SSNs and tax identifiers particularly useful because, unlike credit card information that can be canceled and replaced, SSNs and tax identifiers can be a gold mine used for long-term fraud.

How Stolen Identity Data Enables Business Loan Fraud

Cybercriminals use Social Security Numbers (SSNs) and other personal identifiers to impersonate real business owners to apply for a loan, funding, working capital advances, or equipment loans. Unlike consumer loan fraud, where mostly individuals apply for loans, business lending typically entails:

- Definitely higher loan amounts,
- Faster loan approvals with less manual verification,
- Limited fraud prevention controls,
- Remote identity checks to validate identity without physically verifying, and therefore
- Business owners who have limited knowledge of lending procedures.

Once a loan is approved, funds are quickly transferred or laundered through various accounts, and the stolen money is often completely gone before the lender realizes the loan was fraudulent. Legitimate business owners face collection efforts and credit impact, respond to frivolous lawsuits, and enter legal disputes that can take months, if not years, to resolve.

Reasons Alternative Lenders are at Risk

Cybercriminals are increasingly targeting alternative and digital-first lenders because:

Underwriting is heavily reliant on automated decision engines
With so many applications being submitted, fraud is much more difficult to detect; it is analyzed on a volume basis
Most platforms leverage multiple integrations with third-party services, exposing the platform to more potential attack vectors
Hackers will typically gain access to one vendor and then will compromise an entire network of vendors

Misconfigured cloud storage and poor access controls continue to be some of the most frequent causes for breaches in the lending world.

The Increasing Use of Extortion of Data

Data identity is no longer simply stolen to sell. Extortion models are used when organizations are pressured for payment to either leak or weaponized information. And, even when ransom isn’t paid, victimized identity data continues to circulate for years in criminal marketplaces, resulting in years of risk for the victim.

Protection From Identity-Based Loan Fraud

For lenders and platforms, the most effective plans of protection include: