Biometric Selfies & Forged Passports On The Dark Web For Sale


Personal identities are rapidly sold on the dark web, with the recent ones being biometric selfies. Privacy Affairs has published a report named “2021 Dark Web Price Index”, seeing this massive surge. The report details the average prices for various products that include all kinds of selfies bearing IDs. These selfies can be utilized to cause biometric spoof attacks across forums, websites and marketplaces.

The “2021 Dark Web Price Index” report states that a forged Maltese passport had been discovered on the dark web that is the most expensive product found bearing an average price of $6,500. The lowest price bearing product was a forged US valid Social Security Number (SSN) priced at $2.00. The raised prices across the products are probably due to the increasing risks of acquiring the information. Other factors include increasing benefit for the buyers to utilize the information as well as the improved quality or accuracy of the card data, as Privacy Affairs mentions.

A “USA selfie with holding ID” that would be used for the biometric selfies in the identity verification has been listed for $100 as well. 

As per PA, 2020 had seen a significant rise in cyberattacks. These cyber-attacks were not just in quantity but also in the variety of the attacks that have hit the situation. The array included crypto account hacking alongside the web services such as Uber services and biometric selfies.

“It’s no longer enough to just have a person’s ID, you need to confirm identity with a selfie. And since all business had to be conducted online during the pandemic, people inevitably had to provide a selfie to verify their identity. For some reason, people are not as careful as they should be with their data online, so malicious actors just take advantage of how easy it is to collect information,” says Flare Systems Cybersecurity Research Lead Luana Pascu in an email to one of the biometric companies.

A cloned Mastercard with a PIN is also much demanded on the darknet. It costs around $10 excess than that of the earlier years. This year the price of valid Mastercards were seen to be sold at $25 as compared to $15 last year. The vendors of these stolen credit cards also have been seen to provide an 80% guarantee. This states that two out of every ten cards are not accurate. 

The card numbers available on the dark web result from data compromises at the various merchant locations and never done by the card issuers themselves. The hacked credit cards of the USA bear the lowest value due to high supply, while the stolen credit cards of Israel are priced the highest as per the index. 

The credit cards are sold in the format: 

[CC|MM|YY|CVV|HOLDER_NAME|ZIP|CITY|ADDRESS|EMAIL|PHONE], where the first four segments are just the card details, and the following five sections hold the cardholder’s information.

“Financial crimes have increased during the pandemic. When the pandemic started, there was a spike in sales related to COVID masks and other equipment that was hard to find at the time. Some marketplaces even went from public to private, but overall sales did not necessarily go down,” says Pascu, “the social engineering tactics used to lure victims into revealing personal information seem to be effective during tax season or when COVID-19-related information is involved. However, there have been fraud prevention methods implemented, making it harder to abuse the (Canadian government) benefit program.”

The dark web buyers have nearly abandoned the cryptocurrency Bitcoin (BTC) as it lacks security, as the report reveals. It also says that the vendors are also forcing the buyers to use Monero (XMR) as a mode of payment apart from using Pretty Good Privacy (PGP) encryption for communication. This enables them to mitigate detection and law enforcement tracking. On top of this, hackers are resorting to various social engineering techniques to acquire login credentials. It might seem quite an easy job, but it is actually a labour-intensive task and has a relatively low success ratio. This is all because of the latest hike in the security measures such as MFA and account locks by several social media platforms. The hacked cryptocurrency accounts seem to be one of the most valuable items for purchase, bearing a verified Coinbase account put up for sale at around $610.

What else can be found other than these and the latest addition, Biometric selfies? Well, PayPal account details are extensively available online, and the list of the illicit goods on offer is also available. This consists of the Distributed Denial of Service or DDoS attack services, deepfakes and digital health passes.

“Malicious actors are also talking about ways to obtain COVID passports or vaccination certificates,” Pascu observes, “but this activity is currently flagged as illegal on most marketplaces ‘for ethical purposes,’ as stated on a group we monitor.”

Currently, the deepfakes are also gaining momentum and popularity on the dark web, where criminal deepfake activity develops into an economic niche. Deepfake services have been found to be offered on a dark web hacking forum for $20 for each minute of the fraudulent video in June last year. 

“In addition to posts about deepfakes impersonating celebrities in adult videos, there are forums listing different schemes and tools to create your own for use in identity verification, and there is some interest in methods to make money with deepfakes,” comments Pascu.

Counterfeit money sales were also prevalent, where the most common fake currencies seen were EUR, USD, CAD, GBP and AUD.

Pascu warns that the malevolent actors are continuously changing with the change in the operation of the markets. 

“Up until recently, ransomware groups were looking for specific profiles to add to their affiliate programs such as fluent Russian speakers with solid experience in specific types of attack methods. As they are regrouping, we are looking at a more organized and trained opponent.”

Privacy Affairs has also disclosed recommendations for individuals to protect themselves from fraudsters and cybercriminals on the dark web. This exact step has been taken to protect people from various cybercriminal activities online. This will also make sure to minimize the existing phishing methods, including biometric selfies being sold online.

Source: Biometric Update

Disclaimer: Read the complete disclaimer here.


Please enter your comment!
Please enter your name here