A dark web criminal operation that appears to have been farming face ID images along with the genuine identity documents that accompany them has been unmasked, if you’ll pardon the pun, by threat intelligence researchers. Here’s everything you need to know about this sophisticated approach to identity theft that, it would seem likely, has been using information willingly exchanged for financial reward to build the ID farming business.
The Dark Web Face ID Farm Threat
Researchers from iProov’s biometric threat intelligence unit have uncovered what appears to be a simple yet simultaneously sophisticated identity protection bypass operation being implemented on the dark web. Describing the significant operation as “compromising identity verification systems through the systematic collection of genuine identity documents and images,” the iProov analysts said that this demonstrates how the nature of identity fraud is evolving.
As detailed in the iProov Q4 threat intelligence update for 2024, threat-insights the unnamed criminal dark web threat group behind the operation has amassed a “substantial collection of identity documents and corresponding facial images,” which, the report said, was “specifically designed to defeat Know Your Customer verification processes.” Such systems play a key role in preventing identity fraud against banks and other financial institutions, as I reported in a recent article concerning the use of AI to bypass biometric banking security checks.
What is most interesting to me in this particular case, however, is that this doesn’t seem to have been a matter of scraping compromised biometric data from published stolen databases, but rather, it looks like the identities have been obtained by paying users for them.
Dark Web Hackers Pay For Face ID And Supporting Identity Documents—Users Willingly Participate
“What’s particularly alarming about this discovery is not just the sophisticated nature of the operation,” Andrew Newell, chief scientific officer at iProov, said, “but the fact that individuals are willingly compromising their identities for short-term financial gain.” And he’s not wrong, as this isn’t just a matter of selling their identity data but also risking their own security here. “They’re providing criminals with complete, genuine identity packages that can be used for sophisticated impersonation fraud.” What makes this process even more dangerous is that what we are talking about here is the perfect storm of the identity matching pair: genuine documents and genuine matching biometric data, “making them extremely difficult to detect through traditional verification methods,” Newell warned. Boom.
Do I really need to say this? If you are approached by anyone, knowingly from the dark web or, more likely not, offering you cold, hard cash in exchange for your image and copies of your identity documents, don’t do it. No matter how much the short-term incentive, it could just as quickly turn into a very costly mistake.
