Email fraud has been rife this year, with covert channels like Telegram using methods like 3D modeling to circumvent “Know Your Customer” technology. The object? To build fraudulent customer profiles to steal financial information, according to a study by cybersecurity firm ZeroFOX.
For instance, these tools allow cyber criminals to circumvent authentication processes to apply for Coronavirus Aid, Relief, and Economic Security (CARES) benefits.
Many governments and services require an image or selfie of the applicant, which can be matched with a driver’s license. But stolen driver’s license numbers abound, along with personally identifiable information, the report states.
ZeroFOX alleges that these advertisements appeared on Telegram from May 2020 to May 2021:
“Many of these messages contain advertisements for methods used to conduct CARES Act fraud,” the story reports. “Typically, actors keep methods secret in order to reduce the chance of it being discovered, as well as to create exclusivity around the method.
In addition, there were many video advertisements to help malefactors defeat selfie checks. “Actors will use 3D modeling software to create a picture of the victim, and then present the 3D model to the self-identification check,” it continues.
The report recommends that brands do the following (and we quote):