Content Library

Bust-out fraud: How it works and how to stop it

Alloy bust out fraud header

At 21%, bust-out fraud was the most common type of fraud reported by US bank, fintech, and credit union leaders in Alloy’s 2024 State of Fraud Benchmark Report. Of all fraud classifications, bust-out fraud also caused the most financial damage to their organizations last year.

Bust-out fraud involves winning over an organization's trust to extract value, then promptly disappearing without paying. For fintechs, in particular, falling victim to these fraud schemes can harm relationships with sponsor banks and payment processors. For organizations of all kinds, bust-out fraud can divert significant resources away from productive activities to close accounts and recoup funds.

Despite its prevalence, many fraud decision-makers struggle to identify and prevent bust-out fraud. To protect themselves, banks, fintechs, and credit unions must understand how bust-out fraud works and proactively spot the warning signs.

Bust-out fraud works like a hit-and-run

Bust-out fraud functions similarly to a hit-and-run; it’s fast, disorienting, and impactful. But unlike a hit-and-run, bust-out fraud is often part of a heavily considered scheme to maximize impact. The goal is simple: to make off with as much money as possible.

Typically, a bust-out fraud scheme looks something like this:

  1. A fraudster opens an account and begins transacting.

  2. They make on-time payments to build trust and establish a normal pattern of behavior.

  3. Once they’ve earned a high credit limit, the fraudster "busts out" by maxing out and over-extending the established credit line.

  4. The fraudster disappears with no intention of ever paying back the funds, leaving the organization with significant losses.

Fraudsters who buy or sell stolen or synthetic identities may stockpile accounts with good credit scores for bust-out schemes, increasing their likelihood of making off with an attractive sum as they passively build months or even years’ worth of realistic credit history.

Bust-out fraud is hard to classify

Many cases of bust-out fraud constitute third-party fraud, which is when a fraudster uses a synthetic or stolen identity attributed to a fictitious or real third party. However, financial organizations often have difficulty knowing how to categorize this type of fraud. Banks, fintechs, and credit unions may erroneously classify bust-out fraud as first-party fraud, which is when a person knowingly uses their own identity or misrepresents their own information for financial or material gain. With identity theft on the rise and underreported, banks, fintechs, and credit unions should be particularly wary of the tendency to overgeneralize.

1 bust out fraud inline

Bust-out fraudsters target high lines of credit

According to our survey, 57% of banks, fintechs, and credit unions experienced an increase in fraud attacks last year, affecting both consumer and business accounts. The high stakes and “go big or go home” attitude behind bust-out fraud makes high-value financial products like business credit lines an attractive target for bust-out fraudsters.

Official business registrations like LLCs and licenses are easier than ever to forge with generative AI. Bad actors may use virtual or fake office addresses and leverage online services to set up false phone numbers, websites, and answering services. They may create fake financial statements, fabricate trade and payment references, or even hijack the identity of a small or medium-sized business to scam credit card companies into extending credit to them.

As payment systems get faster, the window for lenders to detect and stop fraudulent transactions has gotten smaller. While many fraud detection systems rely on spotting unusual spikes in transaction speed, fraud rings know how to engineer attacks that keep just below velocity thresholds by exploiting the "gray zone." Timely fraudsters can use the gray zone to their advantage and extract money before red flags are noticed.

When it comes to committing bust-out fraud, bad actors may have several schemes going simultaneously. Some bad actors will set up multiple fake credit card accounts at once so they can establish a trustworthy repayment history and build credit faster. While credit is a common target, bust-out fraudsters may also target deposit accounts without overdraft fees and embedded financial services like buy now, pay later (BNPL).

What is the impact of bust-out fraud?

Effects on the organization

Just one large-scale bust-out fraud attack can leave a bank, fintech, or credit union on the hook for tens or even hundreds of thousands of dollars. Repeated bust-out fraud attacks can severely damage an organization’s relationships with financial partners, payment processors, regulators, and borrowers.

A sponsor bank, for example, may view a fintech company that experiences repeat bust-out fraud attacks as high-risk and terminate their partnership. Credit card issuers and networks may levy hefty fines or even cut off card processing privileges entirely. Compliance fines can force embedded finance operations to shut down, costing all parties involved an entire revenue stream.

2 bust out fraud inline

At the organizational level, legal repercussions can significantly disrupt operations by forcing banks, fintechs, and credit unions to divert resources away from revenue-generating activities to instead chase down delinquent bank accounts and attempt to recover losses.

Even after they’ve sunk the resources in, these collection efforts often prove fruitless. Fraudulently acquired gains can vanish without a trace, leaving no option for banks, fintechs, and credit unions to recover the funds.

Consequences for the customer

Bust-out fraud schemes also harm victims of identity theft. The real person behind a stolen or synthetic identity may be on the hook for the fraudsters’ spending spree unless they prove the account is fraudulent. Fraudsters may use complex patchworks of real and fraudulent personally identifiable information (PII), complicating the process of restoring account access (in the event that the bust-out fraud was initiated as account takeover fraud) or closing the accounts.

Once an identity thief busts out of an account with someone else’s PII, the victim must undergo a time-consuming process to restore their damaged credit and clear their name. Beyond the immediate inconvenience of initiating police reports, submitting paperwork, and undergoing disputes with creditors, identity theft victims may be blocked from obtaining loans, entering rental contracts, or even getting hired further down the road.

Why the rise in bust-out fraud?

Fraud experts and academics often use the fraud triangle framework to identify situations that pose an elevated risk of fraudulent activity. The triangle posits that individuals are more likely to engage in fraud when three key factors align: financial pressure/motivation, opportunity, and rationalization.

3 bust out fraud inline
Source: Association of Certified Fraud Examiners

Macroeconomic factors have contributed substantially to the motivation and rationalization behind bust-out fraud. Major economic disruptions have caused financial hardship, potentially driving more people to attempt this type of fraud out of desperation. According to the International Monetary Fund, the COVID-19 pandemic pushed 120 million people into extreme poverty. New ways of remote working, although beneficial for many, point to exacerbated inequalities that make it easier for people to rationalize fraudulent actions.

At the same time, opportunities to commit fraud have gone up due to increased access to financial products brought about by embedded finance and open banking. With more financial offers on the market than ever before, conditions have been primed for fraudsters to bust-out, and cash in.

Meanwhile, the rise of “fraud startups” during the COVID-19 pandemic points to a larger problem: Tools like generative AI have made it faster and simpler than ever for fraudsters to get away with bust-out fraud. And the reality is, it’s often cheaper and easier for bad actors to commit fraud than it is for organizations to stop them. Fraudulent acts that previously required a team of bad actors working together can now be carried out by fraudsters working in small, nimble groups, or even acting alone.

Strategies for preventing bust-out fraud

Banks, fintechs, and credit unions can significantly reduce their bust-out fraud risk by implementing a layered prevention strategy. Here’s how to level up your organization’s strategy to prevent bust-out fraud:

1. Apply robust identity verification to all new accounts

Use traditional and alternative data sources to verify new accounts at onboarding and throughout the customer lifecycle. Your channels should be unified so that identity data is accessible whether your customer chooses to conduct business with you in-branch or online.

    2. Create the right amount of onboarding friction to match your risk appetite

    Organizations often try to make onboarding frictionless to avoid deterring legitimate customers. But this can also make it too easy for fraudsters to slip through. Finding the right balance between security and convenience is an ongoing challenge, but critical to keeping fraudsters out of your system.

    3. Proactively monitor for red flags like sudden behavior and velocity changes

    Identify anomalies at onboarding and in real-time throughout the customer lifecycle. Watch out for changes to PII or changes in activity, such as sudden large purchases, an increase in velocity, or deviation from peers. Monitor accounts for untrustworthy identity unusual signals using the widest possible data set, and flag suspicious applications and transactions for manual review.

      4. Leverage machine learning insights

      Use machine learning algorithms to automate decision-making processes. This will free up your organization’s time and resources while enhancing fraud detection capabilities. Machine learning algorithms can help identify sophisticated fraudulent activities like synthetic identity fraud and make it easy to adapt workflows quickly in response to fraud landscape changes or market shifts. By leveraging machine learning insights backed by a wide set of data, your organization can detect anomalies, unusual patterns, and potentially fraudulent activities fast.

        5. Practice continuous testing and implementation

        Continuously test and implement new data sources before going live to keep ahead of evolving fraud schemes. Introduce as many data sources as possible, and streamline your decisioning with optimized workflows. Alloy's Identity Risk Solution’s nimble software development kit (SDK) makes it easy to test new data sources and iterate upon them before going live.

          6. Manage compliance

          Many regulatory requirements were established to protect consumers and financial institutions alike from becoming victims of fraud. Meet regulatory requirements by offering a transparent view into the decision-making process and enabling quick adaptation to legislative changes. Identity Risk Solutions can help strike a balance between risk management and scalable growth.

            7. Take a holistic, identity-based approach

            Banks, fintechs, and credit unions are in need of a strategic pivot to omnichannel solutions that provide a holistic view of fraud across all touchpoints. By looking at the big picture, not just individual data points, your organization can track and report on fraud from the point of origination to the point of execution, while also identifying the fraud methodology and execution tactic.

            This comprehensive approach allows you to apply targeted fraud prevention across different channels, both digital and in-branch. By adhering to a consistent set of identity decisioning standards and leveraging data from all touchpoints, you will be better prepared to address each channel's unique vulnerabilities as they arise and respond more effectively to evolving fraud threats.

            Use Alloy to curb bust-out fraud attacks

            While not foolproof, this multi-layered strategy — which includes ongoing monitoring, machine learning, and a unified view of customer risk — can significantly reduce bust-out fraud and mitigate its impact.

            As online transactions surge, fraudsters will continue to seek to exploit the internet's speed and anonymity for their own gain. Banks, fintechs, and credit unions must decide how much fraud risk they are willing to incur and deploy processes that help them stay compliant with regulators. By understanding the tactics and strategies associated with bust-out fraud and implementing a comprehensive approach to fraud prevention, organizations can effectively safeguard against this threat.

            Alloy is an Identity Risk Solution built to help manage fraud risk across channels. Alloy integrates with over 200 traditional and alternative data sources to help banks, fintechs, and credit unions worldwide build custom workflows that prevent fraud while staying compliant. Automate the costly, manual processes associated with reporting by consolidating your anti-money laundering (AML) and fraud within one centralized tool.

            Want to learn more about Alloy?

            Related content