- In Latin America and Eastern Europe, people deliberately sell their ID cards.
- People voluntarily provide photographs and documentation in exchange for payment.
- This shift in ID misuse crime makes standard forgery detection redundant
iProov researchers have uncovered a complex dark web operation aimed at undermining Know Your Customer (KYC) verification processes.
Unlike conventional identity theft, the scheme involves unsuspecting victims voluntarily handing over their identification documents and facial images in exchange for financial compensation.
This approach, called “identity farming,” allows criminals to exploit genuine credentials to bypass verification systems, complicating detection efforts.
Exploit genuine credentials
By accumulating genuine credentials, the operation, predominantly active in the LATAM (Latin America) region, can circumvent traditional document verification methods that excel at detecting forgeries or alterations.
While similar activities have been observed in Eastern Europe, no direct connection between the groups has been established.
In regions facing economic hardship and high unemployment, people are willing to compromise their identities for short-term financial gain.
Scammers exploit their victims in this way, offering payments in exchange for ID documents and biometric data, often under false pretenses. Many victims perceive this as a low-risk transaction.
How identity farming operations work
The attackers are a mixed skill group. Beginners rely on simple but effective techniques, such as presenting static images or pre-recorded videos.
The most sophisticated actors employ advanced tools such as face-swapping software and lighting manipulations, and the most capable attackers use custom AI models and 3D animations, designed to mimic natural human behavior in real time.
According to iProov, a multi-layered strategy is needed when safeguarding identity verification systems.
This includes measures such as verifying that the presented identity matches official documentation, using embedded images and metadata analysis to confirm the presence of a real person, and implementing real-time challenge-response systems to detect fraudulent behavior.
“What is particularly alarming about this discovery is not only the sophisticated nature of the operation, but the fact that individuals are voluntarily compromising their identities for short-term financial gain,” said Andrew Newell, chief scientific officer at iProov.
“When people sell their ID documents and biometric data, they are not only risking their own financial security: they are providing criminals with complete, genuine identity packages that can be used for sophisticated phishing frauds.”
“These identities are particularly dangerous because they include both real documents and matching biometric data, making them extremely difficult to detect using traditional verification methods.”
