Breaking Bust-Out Fraud

How can financial institutions better understand and address long-term impersonation?


There are many types of fraud, but few are as malicious, long-term, and hard to spot as a bust-out scam. Although it has been around for years, this type of fraud continues to be a problem for financial institutions.

Any effective scam plays to the target’s desires. And because financial institutions desire consumers who are engaged, responsible, and profitable, that’s the persona a bust-out fraudster assumes.

Also referred to as advance or sleeper fraud, the bust-out sham begins by using stolen or purchased fraudulent information to open an account, according to Experian Decision Analytics. From there, the customer or member spends up to a year or more establishing themselves as a trustworthy individual, paying on time, depositing, and withdrawing funds to create the impression of employment, opening credit lines, and even securing credit limit increases resulting from their quality history as a member or customer.

Then, in as little as a day, the thief will max out a generous credit line and write a plethora of bad checks. Any attempts to contact the borrower, much less get them to pay up, disappears as the fraudster abandons the identity and moves on to another opportunity.

Small, community-based institutions such as credit unions are the preferred victims. Worse yet, the full impact of these scams are seldom realized. They are frequently mistaken as credit loss and cycled fruitlessly through the collections process. An estimated $4 billion to $17 billion in fraud was misclassified last year alone, according to financial services firm TSYS.

Prevention requires identifying potential bust-out candidates before the spend-and-run phase and properly classifying the events afterward so the full scope of the issue can be recognized. Experian Decision Analytics advises to watch out for these behaviors: 

  • Multiple surnames at an address — symptomatic of an organized fraud ring
  • Method of payment changing from Direct Debit
  • Time since last credit limit increase — for example, an account has gone over its limit within two months of being granted a credit limit increase.

It all comes down to vigilance.

Thieves choose smaller institutions because they think small institutions lack the informational and computational resources to preemptively spot potential for fraud. But the ability to know your members better than the competition is a great defense, and this is an area where smaller institutions in particular can excel.