printer friendly version

Global Identity Fraud Report revealing eight-month ‘mega-attack’

AU10TIX recently released its Q4 Global Identity Fraud Report. Drawing insights from millions of transactions processed across 249 countries from October to December 2023, the report uncovers significant trends in large-scale organised identity fraud. This special edition of AU10TIX’s recurring report goes beyond Q4 to reveal an eight-month-long coordinated identity fraud mega-attack for the first time. Between May and December 2023, organised criminals executed 22 080 fraudulent onboarding attempts using AI-generated variations of a single passport.

AU10TIX researchers have subsequently identified two never-before-seen distinct patterns of ‘mega’ identity fraud attacks, which they have categorised as ‘sudden burst’ and ‘slow burn.’ The sudden burst is represented by the mega-attack involving 22 080 attacks, half of which took place over a short duration of 2-3 weeks. The slow burn refers to the average mega-attack, which involves around 2000 AI-generated IDs being used five to six times per day over a long duration, usually 12 months. The company detected more than ten slow-burn attacks in 2023.

Payments and cryptocurrency were the most targeted sectors in these mega-attacks, but in a surprising development, attacks targeting the social media sector increased by more than 21%. Data suggests that this trend might be tied to organised crime groups attempting to establish social credibility for fake accounts, which will later be used for money laundering and terrorism financing activities.

“We detected these mega-attacks by cross-referencing anonymised ID data against AU10TIX’s consortium of 60+ top-tier organisations, demonstrating the power of collective expertise in identifying complex fraud patterns that may evade individual entities,” said Dan Yerushalmi, CEO of AU10TIX. “Sophisticated AI and deep-fake technology are helping organised crime groups escalate their attack numbers exponentially, but we will continue working to make the world a safer and more secure place.”

Key Q4 trends

Bitcoin value surge led to increased cryptocurrency sector attacks

In Q3, AU10TIX reported a shift in attacks from the cryptocurrency sector to the payments industry, likely in response to the EU’s Markets in Crypto Assets (MiCA) regulations, which require stringent Know-Your-Customer (KYC), Know-Your-Business (KYB) and Anti-Money Laundering (AML) screening for trading platforms. Although this trend continued in Q4, it was impacted by the rising value of Bitcoin throughout the quarter, which attracted both legitimate traders and scammers. As a result, the percentage of global attacks targeting the cryptocurrency sector rose from 23% to 32%. Still, it remained far below the 47% spike of Q2.

Payments tops list as most heavily targeted industry

The payments sector remained responsible for nearly half of all global Q4 fraud attempts. This industry does not have a widespread and globally accepted regulatory framework, so it is crucial that payment organisations strengthen their security protocols to protect consumers from fraudulent transactions.

AU10TIX offers four actionable insights to help organisations protect against identity fraud:

1. Selfie-based biometrics are proven to be effective prevention against fake account onboarding.

2. Robust KYB, KYC, and AML screening are must-haves to protect the reputation of a business.

3. Consortium validation increases privacy and magnifies fraud detection.

4. Be aware that fraudsters are using social media platforms to establish fake ID credibility.

Share this article:

Further reading: