- Security experts say that traditional identity controls fail because they treat each verification as an isolated event
- Deepfake variations let scammers avoid biometric detection systems and life easily
- Consortium validation shares data between organizations to detect subtle and repeated fraud attempts
In a digital world more and more formed by artificial intelligence, identity fraud is evolving on scale and sophistication.
Au10tix experts have marked a new threat tactic known as “repeaters” that is restructuring the way strangers infiltrate digital systems.
Unlike traditional attacks, these are not designed for instant damage; On the other hand, repeaters silently prove the defenses of the banks, the cryptographic platforms and other services through the use of slightly varied synthetic identities.
Once weak points are identified, those same assets are redistributed in multiple platforms in large -scale coordinated fraud campaigns.
In the heart of this strategy there are improved identities in Deepfake, slightly modified versions of a central digital asset.
These changes may include settings to facial characteristics, background images or documents.
When examined individually, each variation seems legitimate, often avoiding the processes of its client (KYC) and biometric controls.
The CEO of Au10tix, Yair Tal, describes them as “the digital footprint of a new class of fraud: automated and improved attacks with AI that reuse synthetic identities and digital assets on scale.”
What makes repeaters particularly dangerous is how the gaps explode in current fraud detection systems.
Most traditional defenses are based on static validation, evaluating each identity as an isolated event. Techniques such as biometric scans, life detection and identification verifications often lose the broadest image.
Because these synthetic identities only appear several times per platform and seem that unique and conventional tools fight to detect repetition.
To counteract this threat, AU10IX therefore presents the “validation of the consortium.” Unlike isolated systems, this method allows multiple organizations to share identity signals in a real -time network, as well as the best final points protection platforms.
If an identity, or even a slightly modified version, appears in more than one member organization, the system is immediately marked.
It is a collaborative defense strategy aimed at connecting the points between isolated incidents.
“We are proud to be at the forefront of detecting and blocking these attacks through the recognition of advanced patterns and the validation of the consortium in real time,” added such
AU10IX recommends that organizations also audit vulnerabilities to defenders and synthetic identities that can avoid traditional KYC defenses.
It also recommends thorough monitoring of behaviors between devices, sessions and incorporation events because it can reveal coordinated activities before they were climbing.
The best opportunity for the early detection of this fraudulent activity is a connected and aware security infrastructure of behavior because no unique solution can affirm that it is the best antivirus or the best protection against malware against this new generation of fraud.
