
Marijan Hassan - Tech Journalist

Cybercriminals building a database of face ID images and identity documents, researchers warn


In a troubling development, cybersecurity researchers have uncovered a sophisticated identity fraud operation on the dark web involving the systematic collection of genuine identity documents and facial images. Analysts from iProov’s biometric threat intelligence unit describe the operation as an evolution in identity fraud, capable of bypassing traditional verification systems used by financial institutions and other organizations.



According to iProov’s Q4 2024 threat intelligence report, the criminal group behind the operation has amassed a substantial database specifically designed to defeat Know Your Customer (KYC) verification processes. Unlike past breaches where biometric data was scraped from stolen databases, this operation appears to have acquired identities by paying individuals for their facial images and official documents, such as passports and driver’s licenses.


The anatomy of the attack

The dark web group leverages these genuine identity packages to undermine KYC processes, which are critical for preventing fraud in banking and other sectors. The operation highlights vulnerabilities in three key areas of verification:


  • Document verification: Traditional methods for detecting altered or forged documents are ineffective against authentic, unaltered identity credentials provided by the dark web group.

  • Facial matching: When legitimate facial images are paired with corresponding identity documents, standard facial matching algorithms struggle to detect fraud.

  • Liveness detection: Advanced attacks have begun to exploit gaps in liveness detection, using real-time face-swapping, deepfakes, and 3D modeling to mimic genuine interactions.


Andrew Newell, Chief Scientific Officer at iProov, emphasized the alarming sophistication of this operation. “What’s particularly concerning is not just the technology involved but the fact that individuals are willingly compromising their identities for short-term financial gain,” Newell said. “By selling their biometric data and documents, they’re enabling criminals to create near-perfect identity fraud packages that are extremely difficult to detect.”


A “Perfect Storm” is brewing

The combination of genuine identity documents and matching biometric data presents a significant challenge for traditional verification systems. Researchers warn that even advanced fraud detection technologies can struggle to simultaneously address all aspects of this multi-layered attack.


“This is a perfect storm of identity fraud,” Newell said. “These packages are designed to exploit every vulnerability in the system, making them a significant threat to global financial institutions and other organizations relying on KYC compliance.”


The solution: A multi-layered approach

iProov researchers have outlined recommendations for organizations to defend against these evolving threats:

  • Real-time verification: Use challenge-response systems to confirm the presence of a live individual during the verification process.

  • Metadata analysis: Incorporate analysis of embedded imagery and metadata to detect malicious media.

  • Threat intelligence integration: Combine ongoing monitoring, proactive threat hunting, and incident response to adapt to emerging attack vectors.


“This multi-layered approach makes it exponentially more difficult for attackers to bypass verification systems, regardless of their level of sophistication,” iProov noted.


A broader trend in fraud evolution

This discovery aligns with broader findings from cybersecurity experts, such as Group-IB, who have demonstrated how deepfake and face-swapping technologies are being used to bypass biometric verification systems. In one real-world case in Indonesia, fraudsters used AI-generated images and virtual camera software to defeat liveness detection measures.


A warning to consumers

The operation also emphasizes the risks for individuals tempted to sell their identity data. Experts warn that while the financial incentives may seem appealing, the long-term consequences of identity theft and fraud can far outweigh any short-term gains.


“Don’t do it,” Newell urged. “Compromising your identity for quick cash could turn into a costly mistake that affects your financial security and reputation for years to come.”
