- Across LATAM and East Europe, people are deliberately selling their ID documents
- Individuals willingly provide photos and documentation in exchange for payment
- This twist in ID misuse criminality makes standard forgery detection redundant
Researchers at iProov have uncovered a complex dark web operation aimed at undermining Know Your Customer (KYC) verification processes.
Unlike conventional identity theft, the scheme involves unsuspecting victims voluntarily handing over their identity documents and facial images in return for financial compensation.
This approach, dubbed “identity farming,” allows criminals to exploit genuine credentials to bypass verification systems, complicating detection efforts.
Exploiting genuine credentials
In amassing genuine credentials, the operation, predominantly active in the LATAM region (Latin America), can outwit traditional document verification methods that excel at spotting forgeries or alterations.
While similar activities have been observed in Eastern Europe, no direct connection between the groups has been established.
In regions facing economic hardship and high unemployment, individuals are willing to compromise their identities for short-term financial gains.
Fraudsters exploit their victims in this way, offering payment in exchange for identity documents and biometric data, often under false pretenses. Many victims perceive this as a low-risk transaction.
How identity farming operations work
Attackers are a mixed ability group. Those at entry-level rely on simple yet effective techniques such as presenting static images or pre-recorded videos.
More sophisticated actors employ advanced tools like face-swapping software and lighting manipulations, and the most capable attackers use custom AI models and 3D animations, designed to mimic natural human behavior in real-time.
According to iProov, there’s a need for a multi-layered strategy when safeguarding identity verification systems.
This includes measures such as verifying that the presented identity aligns with official documentation, using embedded imagery and metadata analysis to confirm the presence of a real person, and deploying real-time challenge-response systems to detect fraudulent behavior.
“What’s particularly alarming about this discovery is not just the sophisticated nature of the operation, but the fact that individuals are willingly compromising their identities for short-term financial gain,” said Andrew Newell, Chief Scientific Officer at iProov.
“When people sell their identity documents and biometric data, they’re not just risking their own financial security – they’re providing criminals with complete, genuine identity packages that can be used for sophisticated impersonation fraud.”
“These identities are particularly dangerous because they include both real documents and matching biometric data, making them extremely difficult to detect through traditional verification methods.’’
