Summary:
Security Researchers at IProov, a biometric threat intelligence service, have urged customer-facing businesses to improve their verification checks after they uncovered a large-scale identity data farming operation conducted by an unnamed underground group on the dark web. The unnamed underground group compiled a large collection of identity documents and corresponding facial images in a bid to trick Know Your Customer (KYC) verification checks. However, iProov states that some of these images and identity documents may have been willingly provided by the data subjects in exchange for some sort of financial incentive.

Security Officer Comments:
Underground cybercriminal services like this present a difficult challenge to organizations and defenders that use visual confirmation to verify customers’ identities. Detecting these fake documents can be challenging, but another layer of difficulty is added when individuals willingly compromise their identities for short-term financial gain, adding misused genuine documents into the mix. By selling their identity documents and biometric data, people risk their own financial security as well as provide cybercriminals with effective ammunition to perpetrate sophisticated impersonation fraud. Pair this illicit activity with the increasing use of AI-powered deepfakes and it will be difficult for organizations to avoid letting some of these fake or misused identities through the cracks of their security posture. With the DPRK’s increasing use of fake IT worker identities to compromise systems and commit financial theft, it would be unsurprised to learn many of these nation-state APT groups utilize these services offered within the cybercriminal ecosystem.

Suggested Corrections: