What does it mean to have an identity when parts of it can be sold, forged, or constructed from scratch?
Identity fraud now extends far beyond data breaches and cloned credit cards. It includes scams that harvest personal information through fake job ads, fabricated profiles that meet onboarding checks, and AI-generated impersonation capable of fooling biometric security. These techniques feel lifted from science fiction, yet they are very much part of reality: regularly deployed, measurably effective.
Drawing on the latest industry reports, Cifas data, and real-world case studies, this article blog explores how identity fraud has evolved, how synthetic identities and AI-driven impersonation amplify risk, and why detection must shift from point-in-time checks to continuous scrutiny.
Recent data from Cifas reveals more than 118,000 identity fraud reports between January and June 2025 - over half of all fraud filings in that period. The rise in identity fraud has been accompanied by growing use of synthetic identities, many of which are now generated or supported by AI tools capable of mimicking legitimate customer behaviour and documentation.
Not all identity fraud relies on fabrication. Alongside the growth of synthetic profiles, there is an emerging trend of individuals willingly, or sometimes under financial pressure or coercion, selling access to their own identity data. This includes national insurance numbers, passport scans, utility bills, and bank credentials, often handed over via encrypted messaging apps or anonymous online marketplaces in exchange for a quick payment. In some cases, people are recruited through social media or messaging platforms and led to believe they are participating in a legitimate scheme, ‘lending’ their identity to someone who cannot access credit or banking services themselves. Unfortunately, this is rarely where it ends. Once that information is in circulation, it is used to open accounts, apply for loans, or serve as a foundation for synthetic profiles. The individual remains legally and financially liable, even when the resulting fraud is orchestrated by someone else.
This isn’t limited to isolated incidents. Fraud prevention bodies report increasing volumes of these cases, particularly among young adults and those experiencing financial instability. Some individuals may feel they have little to lose; others are unaware of the long-term consequences; but the repercussions can be serious, ranging from damaged credit scores and frozen bank accounts to police investigation and exclusion from future access to mainstream financial services. The normalisation of identity commodification risks introduces a new category of fraud: one that blurs the line between victim and enabler.
This kind of identity commodification has a counterpart in another emerging typology: the use of fake job adverts to harvest personal data. In contrast to individuals who knowingly hand over their details, victims of these scams believe they are engaging with legitimate employers.
The fraud is designed to look routine. Adverts are posted on mainstream platforms. Interviews are conducted. Forms are exchanged. Contracts are issued. And then nothing. The job never materialises, but the applicant’s documents - passports, addresses, national insurance numbers - are repurposed to build synthetic identities capable of bypassing standard onboarding and verification checks.
Conversely, businesses are increasingly being targeted by fraudulent job applicants. In one recent case from the United States - a woman was found to have coordinated a remote work scheme that helped North Korean IT contractors gain access to Fortune 500 companies using stolen identities. The operation involved banks of laptops, falsified CVs, and staged video interviews. Tens of millions of dollars were channelled through the scheme before it collapsed. Even experienced hiring teams were misled by the level of preparation behind the fake candidates.
Synthetic identity fraud remains one of the most complex and poorly understood threats in the financial crime landscape. These profiles are not stolen in the traditional sense. They are constructed: assembled from a blend of real information, such as stolen national insurance numbers, and fictitious information, such as fake names and addresses or fabricated employment histories. The result is a plausible identity that does not belong to any one individual, but can still pass as genuine without the proper anti-fraud processes in place.
What makes synthetic identities especially difficult to detect is their capacity to behave convincingly over time. Unlike traditional identity theft, which is often opportunistic and short-lived, these profiles are maintained deliberately. Fraudsters open low-risk accounts, simulate normal activity and gradually build credit histories. When the profile has acquired enough credibility, it is used to access loans, credit products, or other services before being abandoned in what is often described as a “bust-out”.
Quantifying the scale of synthetic identity fraud is inherently difficult: as these identities do not correspond to a real person, they are frequently excluded from victim-based reporting and rarely surface in conventional metrics. Nonetheless, evidence suggests that they are contributing significantly to wider identity-related crime. In 2024, identity fraud accounted for 59% of all reports to Cifas’s National Fraud Database (almost 250,000 incidents). Facility takeover rose by 76%; and unauthorised SIM-swap cases increased by more than 1,000%. By mid-2025, over 217,000 additional identity fraud cases had already been recorded. While not all of these can be traced to synthetic profiles, the growth in typologies that depend on long-term infiltration and misdirection is consistent with the way synthetic identities operate, particularly in sectors such as telecoms, public services and insurance.
Despite these developments, institutional responses have been slow to adapt. In many organisations, identity fraud continues to be treated as a problem to be solved at the point of entry. Onboarding procedures remain the dominant line of defence, focusing on document checks, biometric scans and one-off identity verification. These controls may be effective in screening out obvious attempts at impersonation, but they are not historically designed to detect synthetic identities that evolve gradually and mirror the behavioural patterns of legitimate customers. Without continuous monitoring across transactions, usage behaviour and digital touch points, there is little to prevent these identities from persisting undetected for months or even years.
Advances in generative AI and synthetic media have created new opportunities for identity fraud, making once-sophisticated methods accessible to a much wider pool of actors. Voice cloning, facial synthesis and document fabrication are no longer the preserve of advanced threat actors. They are now achievable with minimal technical skill and little financial outlay.
Recent data suggests that AI-enabled impersonation is already reshaping the fraud landscape. In 2025, reported impersonation scams rose by 148%, with analysts estimating that over 80% of current fraud attempts now involve some form of AI-generated content. This includes synthetic voices, altered facial imagery and forged video avatars used to bypass biometric and visual verification systems.
To demonstrate how easily these tools can be weaponised, technology journalist Amanda Hoover used a low-cost voice synthesiser to replicate her own speech and successfully navigate her bank’s authentication process, exposing the vulnerability of systems that rely on voice verification alone. The same techniques are now being applied at a far more sophisticated level. In a now infamous case from 2024, a finance employee at a multinational company in Hong Kong was deceived into transferring over 200 million Hong Kong dollars (approximately 38 million US dollars) after attending a video call with what appeared to be the company’s chief financial officer and other senior colleagues. In reality, the meeting participants were AI-generated deepfakes, constructed using publicly available images, voice recordings and visual data.
The attackers had previously targeted the employee with a phishing email and lured them into the call under the pretext of a confidential transaction. The quality of the deepfakes was convincing enough to pass unnoticed throughout the meeting. By the time the fraud was uncovered, the funds had already been dispersed across multiple international accounts.
These methods are also being deployed in job recruitment scams. Small businesses have reported a rise in job candidates who appear credible on paper and during initial interviews, but who turn out to be AI-generated personas with fraudsters operating behind the scenes. In one instance, a recruiter asked a candidate to switch to typing responses mid-interview after the voice feed began to break down - a subtle but revealing sign of automation.
These cases demonstrate just how easily AI-generated profiles can meet existing verification standards. Most systems continue to rely on surface-level checks: matching a face to a photo, a voice to a sample, or a CV to expected formatting. When synthetic content is built to satisfy these requirements, there is little to prevent it from passing as legitimate.
Identity fraud continues to evolve, but so too do the tools designed to counter it. A growing number of projects and systems are pushing detection beyond static checks into behavioural, contextual and real-time defence. One notable example is dAIsy, developed by O2 in the UK. This voicebot, programmed as a chatty elderly woman, engages scammers on the phone, keeping them occupied for as long as 40 minutes and diverting them from real victims. Its conversations have also provided insight into scammer tactics used across call centres.
Stay on top of the ever-changing financial crime landscape by accessing the latest information on emerging criminal techniques and the risks associated with carrying out business with particular industries or in particular jurisdictions.
Identity fraud now extends far beyond data breaches and cloned credit cards. It includes scams that harvest personal information through fake job ads, fabricated profiles that meet onboarding checks, and AI-generated impersonation capable of fooling biometric security.
US Department of the Treasury lifted OFAC sanctions on Belavia on 4 Nov, easing curbs on Belarus’s state airline. Amid EU bans and Boeing route restrictions, analysts warn of higher sanctions evasion and parallel imports risks via Russia. Explore impacts on compliance, due diligence and trade.
“Pig butchering” is a fast-growing cryptocurrency scam where fraudsters build trusted and sometimes romantic relationships to lure victims into fake investment schemes, ultimately stealing large sums of money.
This blog examines the evolving threat of the global illicit drug trade in the Persian Gulf, highlighting four key trends we’re closely monitoring.
Cobalt powers modern technology and electric vehicles but is tied to exploitation, corruption, and environmental harm. This article unpacks global cobalt supply chains, from DRC mines to battery factories, and shows how Themis helps businesses identify and manage related ESG risks.
The U.S. has just tightened its grip on global trade: a new BIS “affiliates rule” now pulls thousands of companies worldwide under U.S. export controls. If ownership links are hidden, you could still be exposed—discover why this game-changing rule is reshaping compliance everywhere.
We’ve handpicked a selection of standout books our team discovered over the summer—perfect picks to kick off the “back-to-school" season. These compelling reads offer deep insight into financial crimes, the systemic vulnerabilities they exploit, and their far-reaching consequences.
AI is fast becoming a high-ROI tool in financial crime and compliance. From cutting costs and boosting efficiency to enhancing resilience, strategic AI investments are helping CFOs do more with less - transforming risk management and unlocking new value across the financial sector.
The UK’s latest National Risk Assessment (NRA) reveals how money laundering and terrorist financing are evolving—and how the UK is fighting back. A vital guide for AML policy, it arms businesses with intelligence to spot risks and stay protected.
.png)
Many clients have heard of the OFAC 50 Percent Rule but aren’t sure how it affects them. It’s far-reaching, with hidden sanctions risks. This post explains the rule, why it demands deeper due diligence, and steps to identify and mitigate those risks.
In June, the EU removed the UAE from its list of high-risk jurisdictions from an AML perspective, signaling growing international confidence in the country’s financial crime oversight.
New updates to the Land Conversion and Financial Crime Risk Assessment link environmental harm to financial crime. Cattle rustling in Nigeria and Cameroon is now red-rated, with added risks on carbon credit fraud, child labour, mining corruption, and gold smuggling.
An overview of modern slavery, distinguishing between human trafficking, smuggling, and forced labor. It highlights the global prevalence of exploitation and the importance of understanding these definitions to combat such crimes.
Dubai’s $160B foreign-owned real estate market faces money laundering risks. The UAE now requires reporting of property deals over AED 55K via REAR. Criminals like Daniel Kinahan have exploited property to hide illicit funds, underscoring the need for strict compliance.
Examines how digital platforms and cryptocurrencies facilitate human trafficking, allowing traffickers to operate anonymously and at scale, posing challenges for law enforcement.
Investigates how sanctions intersect with trade-based financial crimes in Hong Kong, highlighting the complexities businesses face in navigating regulatory compliance.
Financial crimes cause more than economic harm—they hit mental health too. UK data shows 60% of fraud victims face distress; Ghana research links corruption to anxiety and depression. This blog calls for tackling both psychological and financial impacts.
Environmental crime worsens gender inequality, driving violence, trafficking, and hardship for women—especially in regions like the DRC and Peru. Women defenders face abuse, and climate change deepens risks like water scarcity, child marriage, and health threats. Tackling these crimes is key to protecting women’s rights and safety.
AI is transforming financial crime prevention—improving detection, reducing costs, and streamlining compliance. Generative AI and graph networks boost due diligence, while ethical, human-guided use counters criminal misuse. Themis champions tech-human collaboration.
Explores the application of fuzzy logic in Anti-Money Laundering (AML) systems, emphasising its role in improving name-matching accuracy and reducing false positives, thereby enhancing compliance efficiency.
This book focusses on the challenges faced by law enforcement in North West USA and in British Columbia to combat illegal logging, as well as those of the timber-industry communities established since the late 19th century to maintain meaningful and financially viable lives.
The FATF has highlighted the UAE’s progress in fighting financial crime. Its third enhanced follow-up report upgraded three recommendation ratings for the country, marking a step forward in meeting international standards.
Lebanon’s economic collapse, fuelled by debt, corruption, and instability, has led to hyperinflation and greater financial crime risk. In Oct 2024, the FATF grey-listed Lebanon. The country pledges a two-year reform plan to boost transparency and restore investor confidence.
The UK treats profits from legal overseas cannabis businesses as criminal property under the Proceeds of Crime Act. Few cases qualify for exceptions, creating a legal grey area—so anyone handling such funds should proceed cautiously and seek legal advice.
The UK’s 2023–2026 Economic Crime Plan commits £400M to tackle money laundering, kleptocracy, and fraud, with reforms to Companies House, crypto, and sanctions. Progress is clear, but critics urge more urgency and funding. Success depends on public-private collaboration.
Suspicious Activity Reports (SARs) are key to fighting financial crime, with 42% of fraud found via tip-offs. Rising UK SARs and account freezes show their impact. Themis urges strong reporting systems and whistleblower protections to foster transparency.
Corrupt elites still exploit the UK property market via offshore structures and relatives to hide assets. Over 18,000 firms remain non-compliant. With cases of children holding luxury homes, Themis calls for tougher enforcement as new UK and FATF guidance target transparency gaps.
Corruption undermines sustainable development, financial integrity, and DEI. A Themis–Denominator study links lower corruption to higher DEI scores. Marginalised groups, especially women, suffer most. Promoting diversity and transparency is key to fairer societies.
Hindenburg Research accuses India’s Adani Group of fraud, alleging stock manipulation, shell firms, and nepotism—halving Gautam Adani’s net worth and shaking investor confidence. The case highlights how financial crime can roil markets and the need for strong due diligence.
Supply chain failures have linked firms like Inditex and Skechers to forced labour and reputational risk. The EU’s CSDDD will require large companies to address human rights and environmental harms. Themis offers tools to assess suppliers and fight modern slavery.
On World Wildlife Day and CITES’ 50th year, Themis reflects on tackling illegal wildlife trade—the 4th largest financial crime. Laws, AI, forensics, and global cooperation drive change, but shifting demand, like ivory to hippo teeth, shows challenges remain.
Puppy smuggling in the UK has surged post-pandemic, with organised crime exploiting demand and loopholes to import sick or underage dogs. Despite new laws, enforcement gaps remain. Themis urges buyer vigilance—tools like Themis Search can help spot breeder risks
Romance scams rose 30% in 2022, with victims losing £8,234 on average—especially men and those aged 65–74. Scammers use fake profiles and emotional manipulation. Themis urges due diligence in dating; tools like Themis Search can flag risks and help platforms protect users.
Crypto plays roles in both social good and crime—over $50M has aided Ukraine, but bad actors use it to evade sanctions and launder funds, notably via the UAE and Central African Republic. Themis calls for stronger due diligence and compliance to curb misuse.
The Russian invasion of Ukraine has heightened trafficking risks for women and children. Over 2.5M flee, with traffickers exploiting chaos, especially in Moldova, Poland, and Italy. The OSCE urges swift action to warn refugees of false offers and protect them.
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.
Block quote
Ordered list
Unordered list
Bold text
Emphasis
Superscript
Subscript
