Research Identifies Two Never Before Seen Attack Patterns With Worst Case Involving 22,000+ AI-Generated Variations of a Single U.S. Passport
TEL AVIV, Israel, March 12, 2024 /PRNewswire/ -- AU10TIX, a global technology leader in identity verification and management, today released its Q4 Global Identity Fraud Report. Drawing insights from millions of transactions processed across 249 countries from October to December 2023, the report uncovers significant trends in large-scale organized identity fraud. This special edition of AU10TIX's recurring report goes beyond Q4 to reveal for the first time an eight-month-long coordinated identity fraud "mega-attack." Between May and December 2023, organized criminals executed 22,080 fraudulent onboarding attempts using AI-generated variations of a single passport.
AU10TIX researchers have subsequently identified two never before seen distinct patterns of "mega" identity fraud attacks, which they have categorized as 'sudden burst' and 'slow burn.' The sudden burst is represented by the mega-attack involving 22,080 attacks, half of which took place over a short duration of 2-3 weeks. The slow burn refers to the average mega-attack, which involves around 2000 AI-generated IDs being used 5-6 times per day over a long duration, usually 12 months. The company detected more than ten slow burn attacks in 2023.
Payments and cryptocurrency were the most targeted sectors in these mega-attacks, but in a surprising development, attacks targeting the social media sector increased by more than 21%. Data suggests that this trend might be tied to organized crime groups attempting to establish social credibility for fake accounts, which will later be used for money laundering and terrorism financing activities.
"We detected these mega-attacks by cross-referencing anonymized ID data against AU10TIX's consortium of 60+ top-tier organizations, demonstrating the power of collective expertise in identifying complex fraud patterns that may evade individual entities," said Dan Yerushalmi, CEO of AU10TIX. "Sophisticated AI and deep-fake technology are helping organized crime groups escalate their attack numbers exponentially, but we will continue working to make the world a safer and more secure place."
Key Q4 Trends
BitCoin Value Surge Led to Increased Cryptocurrency Sector Attacks
In Q3, AU10TIX reported a shift in attacks from the cryptocurrency sector to the payments industry, likely in response to the EU's Markets in Crypto Assets (MiCA) regulations, which requires stringent Know-Your-Customer (KYC), Know-Your-Business (KYB) and Anti-Money Laundering (AML) screening for trading platforms. Although this trend continued in Q4, it was impacted by the rising value of Bitcoin throughout the quarter, which attracted both legitimate traders and scammers. As a result, the percentage of global attacks targeting the cryptocurrency sector rose from 23% to 32%. Still, it remained far below the 47% spike of Q2.
North America and APAC Saw Majority of Cryptocurrency Sector Attacks
Even within the cryptocurrency sector, divergent trends were exhibited across regions. In Europe, the implementation of MiCA has been impactful, resulting in no increase in attacks despite the jump in Bitcoin value. However, North America and APAC have no such regulations and thus experienced heightened activity as fraudsters attempted to exploit the Bitcoin frenzy and go unnoticed in the flux of trading. Consequently, payments sector identity fraud in North America dropped by 30% as some fraudsters turned their focus back to cryptocurrency.
Payments Tops List as Most Heavily Targeted Industry
The payments sector remained responsible for nearly half of all global Q4 fraud attempts. This industry does not have a widespread and globally accepted regulatory framework, so it is crucial that payments organizations strengthen their security protocols to protect consumers from fraudulent transactions.
AU10TIX offers four actionable insights to help organizations protect against identity fraud:
- Selfie-based biometrics are proven to be effective prevention against fake account onboarding
- Robust KYB, KYC, and AML screening are must-haves to protect the reputation of a business
- Consortium validation increases privacy and magnifies fraud detection
- Be aware that fraudsters are using social media platforms to establish fake ID credibility
About AU10TIX
AU10TIX plays a pivotal role in establishing trust between individuals/companies and digital systems. Founded in 2002, it is the global leader in identity verification and management, protecting the world's largest brands against advanced fraud. The company's future-proof product portfolio helps businesses provide frictionless customer onboarding and verification in 4-8 seconds while staying ahead of emerging threats and evolving regulatory requirements. AU10TIX offers the world's only 100% automated global identity management system, as well as the industry's only solution that can detect organized mass attacks by analyzing traffic patterns and cross-checking data in a consortium of more than 60 major companies. With its deep roots in airport security, AU10TIX has authenticated billions of identities. AU10TIX is a subsidiary of ICTS International N.V. (OTCQB: ICTSF). Connect with AU10TIX on LinkedIn and on X at @AU10TIXLimited. For more information, visit AU10TIX.com.
SOURCE AU10TIX
WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?
Newsrooms &
Influencers
Digital Media
Outlets
Journalists
Opted In
Share this article