30s Summary
AI-powered deepfake tool ProKYC allows scammers to circumvent advanced Know Your Customers (KYC) checks on cryptocurrency exchanges, escalating the level of crypto fraud, says cybersecurity firm Cato Networks. Scammers previously purchased fake ID documents from the dark web; now, the software lets them create new identities from scratch and falsify webcam images to match fraudulent government-issued identification. ProKYC can also facilitate new account fraud (NAF) at an increased pace. The detection of this sophisticated fraud is challenging and could result in false alarms or fraudulent activity being overlooked.
Full Article
There’s this AI-powered deepfake tool called ProKYC that’s making it easier for bad guys to get around top-notch Know Your Customer, or KYC, checks on crypto exchanges. The cybersecurity company Cato Networks says this is taking crypto fraud to a whole new level of sophistication.
Cato Networks’ main security guy Etay Maor said on October 9 that this new AI tool definitely ups the game compared to the old techniques used by cybercriminals to dodge two-factor authentication and KYC.
Before, they would buy fake ID documents from the dark web. But now, these AI-powered tools let scammers create entirely new identities from scratch.
Cato mentioned that this new tool has been specifically tweaked to target crypto exchanges and financial firms. These companies’ KYC procedures often involve checking if new users’ webcam pictures match with their government-issued IDs, like passports or driver’s licenses.
ProKYC even showed a video on how to use their tool. In it, they make a fake ID and a matching deepfake video to pass the facial recognition tests used by one of the biggest crypto exchanges in the world.
In the video, the user makes a fake face using AI and sticks the deepfake picture onto an Australian passport template. After that, the ProKYC tool creates an accompanying deepfake video and picture of the AI-created person, which successfully gets around the KYC checks on the Dubai-based crypto exchange Bybit.
According to Cato, with tools like ProKYC, it’s become way easier for threat actors to set up new accounts on crypto exchanges, which is referred to as New Account Fraud or NAF.
The ProKYC website sells a package for $629 that includes a camera, virtual emulator, facial animation, fingerprints, and verification photo creation. It’s all part of an annual subscription. They say they can also get around the KYC checks for payment platforms like Stripe and Revolut, plus a few others.
Maor pointed out that catching and preventing this new type of AI fraud is tough. If the systems are too strict, they can give off false alarms, but if they’re too loose, they might allow fraudsters to get through.
But there are possible ways to spot these AI tools. Some involve humans manually checking for extremely high-quality images and videos, or looking for inconsistencies in facial movements and image quality.
Remember, in the U.S., identity fraud is a serious crime that can lead to up to 15 years in prison along with hefty fines.
Last month, software company Gen Digital – the parent company of antivirus firms Norton, Avast and Avira – reported that crypto scams using deepfake AI videos to trick people into fraudulent token schemes have been increasing over the past 10 months.
Source: Cointelegraph