• by Ray Schultz , May 21, 2021

Email fraud has been rife this year, with covert channels like Telegram using methods like 3D modeling to circumvent “Know Your Customer” technology. The object? To build fraudulent customer profiles to steal financial information, according to a study by cybersecurity firm ZeroFOX. 

For instance, these tools allow cyber criminals to circumvent authentication processes to apply for Coronavirus Aid, Relief, and Economic Security (CARES) benefits.  

Many governments and services require an image or selfie of the applicant, which can be matched with a driver’s license. But stolen driver’s license numbers abound, along with personally identifiable information, the report states. 

ZeroFOX alleges that these advertisements appeared on Telegram from May 2020 to May 2021:

• 270,828 profile or method advertisements for SBA, PPP and CARES fraud
• 269,381 background investigation service lookup advertisements (Phish or Insider)
• 48,271 DL Lookup advertisements (Method or Service)

“Many of these messages contain advertisements for methods used to conduct CARES Act fraud,” the story reports. “Typically, actors keep methods secret in order to reduce the chance of it being discovered, as well as to create exclusivity around the method.  

In addition, there were many video advertisements to help malefactors defeat selfie checks. “Actors will use 3D modeling software to create a picture of the victim, and then present the 3D model to the self-identification check,” it continues. 

The report recommends that brands do the following (and we quote):

• Deploy effective KYC measures and technologies to sufficiently review client signup data
• Continuously monitor cybercriminal activity for new tactics and techniques that attempt to defeat the KYC technology your organization uses
• Consider deploying anti-fraud techniques to combat automated signups, such as identifying discrepancies in user sign-up data, which includes geolocation, device, IP address and attempts to sign up
• Have a process to thoroughly review your KYC datasets for fake or fraudulent records, especially selfies and driver’s licenses.