iProov, a biometric identity solutions provider, has uncovered a dark web operation that targets Know Your Customer (KYC) verification processes, as detailed in its Q4 2024 Threat Intelligence News Update. The operation shows how identity fraud is becoming more advanced, using genuine documents and facial images to bypass security systems.
This discovery was part of iProov’s work through its Security Operations Center (iSOC). Investigators found a group in Latin America collecting identity documents and matching facial images. These were likely obtained from individuals who sold their personal information for money. Similar activity has been seen in Eastern Europe, but no direct connections between the groups have been confirmed.
“What’s particularly alarming about this discovery is not just the sophisticated nature of the operation, but the fact that individuals are willingly compromising their identities for short-term financial gain,” said Andrew Newell, chief scientific officer at iProov. “When people sell their identity documents and biometric data, they are not just risking their own financial security — they’re providing criminals with complete, genuine identity packages.”
The operation reveals new challenges for systems that verify identities. Unlike traditional fraud involving fake or forged documents, this scheme uses real credentials, making it harder to detect. The biometric data paired with these documents can also fool many basic security measures.
How attacks are evolving
iProov highlighted how attackers are using increasingly advanced methods. Basic attacks might involve fake photos or edited documents, but more sophisticated criminals are now using tools like deepfake software and synthetic faces. These tools allow them to create lifelike simulations of real people, making it easier to trick outdated security systems.
“Even the most basic verification systems can fall victim to these attacks if they lack robust defenses,” Newell explained.
To protect organizations against these threats, iProov emphasized the importance of modern, multi-layered security systems. These systems check not only if documents are real but also if the person presenting them matches those documents and is interacting in real-time.
“Combining advanced technologies with continuous intelligence gathering makes it exponentially more difficult for attackers to succeed,” Newell said. “It’s essential to stay ahead of the curve as identity fraud methods evolve.”