In our previous blog, Deepfake Regulations and Safety Strategies, we discussed the various dangers of deepfake technology and the preventive measures that users can take to protect themselves from deepfake risks, as well as mitigation strategies for organizations. We also highlighted how different countries approach deepfake regulations.
Now, we will address a scam known as New account fraud (NAF), which can be related to deepfake technology when malicious actors use deepfake technology to successfully deceive victims. More specifically, deepfake technology can create tools that help cybercriminals bypass two-factor authentication to carry out account fraud attacks. But first, let’s explore new account fraud and how it works.
What is New Account Fraud and How It Works
New account fraud, or account creation fraud, involves using stolen personal data to open new online accounts, such as bank or credit accounts, in the victim’s name, as well as to establish services on their behalf. The goal of these attacks is malicious; attackers typically seek financial gain. Malicious actors obtain this personal data through phishing or by purchasing data on the dark web. Victims often remain unaware that they have been targeted for an extended period until significant damage disrupts their finances.
This type of fraud is increasingly common in the digital age and poses serious risks for both individuals and businesses. What makes the problem worse is the ease with which personal information is now accessible. This type of fraud presents a challenge for businesses, as it can lead to substantial financial losses, legal complications, and damage to a company’s reputation.
A bad actor uses stolen account details – specifically, the victim’s identity – to register a new account. They may use real details of real people, such as the victim’s name and email address. Additionally, fake account details can be utilized, known as a synthetic identity [1], where the fraudster uses partially real identity information. For example, they might use the victim’s real name but a fake phone number. Fraudsters also employ advanced tools, such as bots, to quickly create fake accounts on a large scale.
Depending on the service for which the new account will be used, the fraudster may need to go through verification processes, which introduces a notification factor. To bypass this, they can use a fake email address or phone number for registration. In more sophisticated attacks, they might gain access to the victim’s real email or phone number or employ social engineering tactics to trick the victim into confirming their account details.
The created account can be used by the fraudster to engage in various illegal activities or to sell it on the dark web for others to use for their illicit purposes. Victims are often unaware of these scams until they notice unexpected charges or a drop in their credit score. Recognizing how to respond to these scams is crucial for everyone to prevent new account fraud.
How to Detect Fraudulent Account Creation
Fraudulent accounts represent a significant threat, enabling attackers to engage in various forms of abuse. Early identification and mitigation are crucial to protecting users from harm.
Below are the key indicators of this type of scam:
- Unusual user behavior during the account creation process [2]
- Suspicious user information
- Use of temporary domains for email addresses or VoIP numbers for phone verification
- Use of suspicious IP addresses
Strategies to Prevent New Account Fraud
As with other threats, preventing new account fraud requires a multifaceted approach and various strategies to detect and mitigate the risks associated with these scams:
- Using multi-factor authentication as an extra level of security which requires more than one type of credential to log into an account.
- Advanced identity verification using biometric analysis, document verification tools, and other methods to ensure the legitimacy of account applicants and combat synthetic identity fraud. [3]
- Leveraging AI to analyze massive amounts of data and identify suspicious patterns.
- Improving data security by encrypting sensitive information, using strong passwords, and regularly updating software and devices.
- Training employees and raising security awareness to help them recognize signs of fraud and stay informed about the latest fraud trends.
ProKYC: The AI tool Exploiting Authentication Systems to Create Fraudulent Accounts
The network security company Cato CTRL (Cato Networks Cyber Threat Research Lab) has discovered a tool used by cybercriminals to defeat two-factor authentication. The tool is called ProKYC, and it is sold and used by cybercriminals to exploit the security systems of cryptocurrency exchanges [4]. This tool creates synthetic identities using videos and AI-generated forged documents, allowing fake accounts to be created and two-factor authentication to be bypassed. With the help of this tool, attackers can verify their fake accounts. They can then engage in money laundering and other illegal activities.
This tool works by using Deepfake video technology to bypass the two-factor authentication process required to approve new users. This allows criminals to create new verified accounts that they can use for illegal activities. The attack starts when a fake account connects to the cryptocurrency exchange using forged documents. Instead of using cameras and facial recognition as part of the authentication process, the attacker uses a tool to connect a recorded AI-generated video, making it appear as if it were live footage from a camera.
Fake videos created by tools like this can be recognized by errors in facial features and inconsistencies in the movement of the eyes and lips during biometric authentication.
Conclusion
New account fraud is a type of fraud that often involves the use of stolen identities, enabling attackers to carry out illegal activities through newly created accounts.
Victims may remain unaware for months that they have fallen victim to this type of fraud, making it essential to take proactive security measures to prevent significant damage. Individuals should ensure that the websites they use for payments are secure, such as those with SSL certificates. Additionally, when selling or discontinuing the use of smart devices, it is vital to wipe all data by performing a factory reset to prevent misuse of personal information.
New account fraud poses a significant risk, emphasizing the importance of advanced detection and prevention measures. By adopting new technologies and maintaining vigilance, individuals and organizations can safeguard their personal and financial information against this ever-evolving threat. Detecting and preventing fraud early in its lifecycle remains the best way to protect yourself and your assets.