A dark web criminal enterprise that appears to have been cultivating face ID images along with the original ID documents that accompany them has been uncovered, if you’ll excuse the pun, by threat intelligence researchers. Here’s everything you need to know about this sophisticated approach to identity theft that, it seems, uses information willingly traded for financial reward to build its identity farming business.
The Dark Web Face ID Farm Threat
Researchers from iProov’s Biometric Threat Intelligence Unit have discovered what appears to be a simple yet sophisticated operation on the dark web for bypassing identity protections. Describing this significant operation as “compromising identity verification systems through the systematic collection of genuine identity documents and images”, iProov analysts said this shows how the nature of identity fraud is evolving.
As detailed in iProov’s threat intelligence update for Q4 2024, the anonymous criminal dark web threat group behind the operation has amassed a “significant collection of identity documents and corresponding images of faces” which, according to the report, “was specifically designed to defeat Know Your Customer verification procedures”. Such systems play a key role in preventing identity fraud against banks and other financial institutions, as I discussed in a recent article on the use of artificial intelligence to bypass biometric bank security checks.
What’s most interesting to me in this particular case, however, is that it doesn’t appear to have been a matter of scraping compromised biometric data from published stolen databases. Rather, it appears that the identities were acquired by paying users for them.
Dark Web Hackers Pay for Face IDs and Supporting ID Documents—Users Willingly Participate
“What is particularly concerning about this discovery is not just the sophisticated nature of the business,” said Andrew Newell, chief scientific officer at iProov, “but the fact that individuals are willingly putting their identities at risk for short-term financial gain.” And he’s right: this isn’t just a matter of selling their identity data, it’s also a matter of risking their own security. “They provide criminals with full, genuine identity packages that can be used for sophisticated impersonation fraud.” What makes this process even more dangerous is that what we’re talking about here is the perfect storm of identity-matching pairs: genuine documents and genuine biometrics, “making them extremely difficult to detect through traditional verification methods,” Boom warned.
Do I really need to say this? If someone approaches you, knowingly from the dark web or, more likely, not, and offers you cold, hard cash in exchange for your picture and copies of your ID documents, don’t do it. However short-term the motivation, it could just as quickly turn into a very costly mistake.