Product — face: scammers began collecting images of Russians from different angles
Hackers have increasingly begun to collect images of Russians' faces — several cybersecurity companies told Izvestia about this new dangerous trend. Along with the standard scheme, when a potential victim is sent a link to pay and enter card details under the guise of a seller, fraudsters are now asked to confirm their identity, and for this they need to provide access to the camera and show their face from all angles. Experts note that the "faces library" will be used to create deepfakes and confirm financial transactions. Details of the new fraudulent scheme can be found in the Izvestia article.
How Russians' faces are stolen
A new fraud scheme has appeared in Russia — criminals are luring victims out of images of their faces, Kaspersky Lab warned. The relevant phishing sites of the company are detected using internal methods of cyber threat research. The attackers act under the guise of sellers. The scheme looks like this: they force visitors to the portal with ads who are interested in the product to switch to a third-party messenger to communicate.
— They send you a payment link that actually leads to a phishing site. However, after entering the card details on a fake page and transferring money, the potential victim is asked to confirm his identity, ostensibly to complete the operation, the company explained.
To confirm their identity, the attackers require access to the device's camera, "place your nose in the center of the green zone" and show your face from all angles. After the "verification" nothing happens, only a notification appears with a suggestion to close the page.
This is how attackers try to get money, payment data, and detailed portraits of people, explained Olga Altukhova, senior content analyst at Kaspersky Lab.
"It is likely that fraudsters can potentially use detailed images in the future, including to steal accounts in those services where they are asked to confirm their identity by video," the expert said.
This is a combined fraud scheme, where social engineering is used as a trick, said the head of BI.ZONE AntiFraud Alexey Luzhnov: fraudsters can steal both personal and biometric user data.
"The new trend of biometric data theft carries serious risks," he said. — For example, fraudsters can create fake documents and fake profiles on social networks using photos of victims. In addition, attackers can use images of users in services vulnerable to deepfakes to illegally pass biometric identification.
In addition, biometric data released online can become a reason for blackmail or discredit, which leads to reputational losses.
Fraudsters are constantly improving their schemes to maximize profit, and now, along with payment data, they are trying to obtain biometric data, as confirmed by the data analyst of the RU/ Domain Coordination Center.Russian Federation Evgeny Pankov.
Most users still do not understand how biometrics works, added Andrey Mishukov, CEO of iTPROTECT.
— For people, showing their face to the camera is just another "continue" button, — he explained.
Until biometric verification becomes a commonplace and absolutely well-established phenomenon for the majority, this topic will remain extremely vulnerable, the expert predicts.
—Scammers, as always, take advantage of the fact that technology is ahead of society's habits," he stressed.
How to create deepfakes
Deepfakes are produced using generative adversarial networks — GAN (Generative Adversarial Network), said Marina Ryabova, senior data analyst at the R&D Laboratory of the Solar Group Cybersecurity Technology Center.
"The more facial images from different angles an attacker gets, the better forgery he will be able to make," she said. — These fakes can be used to create fake materials (images and videos) with the participation of the deceived user. For example, your "grandmother" calls you from the hospital with a request to urgently transfer money for treatment, or an outsider enters the office with a FaceID system.
The stolen biometric data can be used by hackers to create deepfakes, Alexey Luzhnov confirmed. Often, leaked information appears in fake boss fraudulent schemes, when they create fake accounts in messengers using the name and photo of the head, and then contact employees on his behalf. And also in the "compromising interviews" scheme, when fraudsters act under the guise of an employer.
At the same time, such "verification" may seem harmless, but in fact, the person actually transmits his digital face to the attackers, Evgeny Pankov added.
"The danger of this scheme is that having received a face image from various angles, fraudsters can use it to bypass biometric authentication," he stressed. — And this opens up access to banking applications and services with facial recognition.
According to a Solar study, messengers are the most popular channel for leaking information from companies in 2024. In 35% of cases, the data goes through them. Attackers use various tools to gain access to confidential data. One of these options is to use employee dipfakes. It is worth remembering that photos posted on social networks and accounts of other applications can be the key to sensitive information.
— We often conduct various studies. One of these is the detection of deepfakes. It was possible to track high—quality forgery by certain signs: for example, by reflection in the retina of the eye or by the peculiarities of rendering teeth," Marina Ryabova said.
Is it possible to avoid face theft
It is important for users to be critical of any suggestions on the Web that involve a request to share confidential data, Olga Altukhova reminded.
— Before giving the site access to personal information or a camera, check the website address — if it differs from the original one, you should be wary, — she stressed. — To protect against phishing, it is also important to use special programs that will warn you about an attempt to switch to a fake resource.
According to Alexey Luzhnov, in order to protect yourself from such fraudulent schemes, you should never transfer personal data and images to strangers and not post them on unverified platforms.
— Use two—factor authentication: this measure will provide an additional level of security to your accounts, - he pointed out. — As well as browsers with built-in antivirus and firewall plug-ins. Many modern antiviruses contain a firewall module and protect users from suspicious sites, links, and malware.
Payment for any purchases must be made only on official websites using standard and secure forms of payment or through your online banking, Evgeny Pankov reminded.
— Before entering your card details or making a payment, carefully check the website address — the difference in one letter or symbol may cost you lost funds, — the expert emphasized. — And never allow unknown websites to access your camera and microphone. Biometric data is not a login password, it cannot be "changed" in case of leakage.
In addition, none of the major government services or banks require face authentication, Marina Ryabova said. You should not succumb to the manipulations of a criminal under any pretext. According to her, reducing the amount of data about yourself on all kinds of available resources and social networks will reduce the risk of compromising sensitive information and using a deepfake.
Переведено сервисом «Яндекс Переводчик»
