Stop, cut: how scammers use "undressing" services to deceive users
Fraudsters can use "stripping" services in various criminal schemes, experts have warned about this. Such resources use neural networks to turn ordinary photos of people (most often women) into fake nude images. At the same time, attempts to generate such deepfakes are fraught with problems with both scammers and the law, and those who are "undressed" with the help of AI resources can become objects of blackmail. For more information about how attackers use "undressing" services, see the Izvestia article
Who uses "undressing" services and why
"Undressing" services that turn people's photos into fake nude images using generative artificial intelligence (AI) are visited by millions of users every month, according to a new study by the Indicator portal.
According to the study, the turnover of the illegal industry associated with such resources can reach $36 million (2.8 billion rubles) per year. Experts calculated this amount based on an estimate of the number of users, subscription rates, and purchase of "credits" for image generation.
At the same time, the real profit of "undressing" services can be significantly higher, given their activity outside the sites — for example, in the Telegram messenger. At the same time, such resources are becoming a dangerous tool in the hands of intruders who can use them in a variety of ways.
— In our culture, publishing 18+ content is considered negative for reputation, so attackers can use such tools for blackmail purposes. But this is just the tip of the iceberg," says Sergey Polunin, head of the Gazinformservice IT Infrastructure Solutions protection group, in an interview with Izvestia.
How "undressing" services are used by blackmailers
Locker room services are an effective tool of pressure and manipulation, which has been actively used by scammers for several years, says Yakov Filevsky, an expert in sociotechnical testing at Angara Security, in an interview with Izvestia. According to the expert, intruders are attracted to the "locker rooms" primarily by the low entry threshold and high emotional impact.
"This type of attack on a person is not new, but previously, attackers had to have good skills working in image editors like Adobe Photoshop and do everything manually, and therefore such "entertainment" was not widespread," explains the specialist. — Now, the generation of compromising images takes a few minutes and requires almost no human involvement, which is why we can expect an increase in fraudulent interventions in the near future.
According to Yakov Filevsky, attackers usually use the created images for blackmail: after collecting the victim's contact list, they extort money, attention, emotions or other resources from the girls under threat of mass mailing. Also, cases of the use of "locker rooms" in teenage bullying have already been identified in practice. One fake generated, and a wave of harassment, gossip, and exclusion from social groups begins.
At the same time, in the future, "undressing" services may generate automated mailings with deepfake nudity and allegedly hacked intimate archives of the victim, which will be supplemented with screenshots of imaginary dialogues, merged "correspondence" and fake testimonies of "eyewitnesses". Algorithms will begin to adjust the deepfake to the context: school uniform, office environment, or some real interior. Coupled with hyper-realistic body generation, this will enhance the credibility effect, notes Yakov Filevsky.
"In general, it's frightening that our digital image — photos or videos — no longer seems to belong to us, because any digital fingerprint can be manipulated like a puppet," the expert emphasizes.
What are the risks for users of "undressing" services?
Meanwhile, "undressing" services are sometimes used not only by intruders, but also by ordinary users for their own personal purposes. However, this practice also carries a large number of risks for them, says Alexey Drozd, head of the security department at Serchinform, in an interview with Izvestia. As the expert explains, scammers can easily mimic services for creating nude images: a conditional locker room bot is easy to implement and monetize.
— Scammers are interested in direct withdrawal of money fraudulently and "hijacking" accounts via messenger, — says Alexey Drozd. — Malicious software (VPO) is also often distributed under the guise of AI plug-ins for content generation, which can lead to data theft and damage to the user's system.
On the other hand, "undressing" services allow scammers to immediately work with a vulnerable audience. Users of these resources voluntarily try the "forbidden": virtually "undressing" someone without their knowledge, or even "making believe" is bad, if not formally, then from the point of view of public morality. Scammers use this to blackmail the victim.
They can put pressure on users' feelings of guilt and shame by threatening to send them generated "dirt" or publicly accuse them of using the services. At the same time, scammers can go further and threaten potential victims with criminal liability — for example, under articles on the production and distribution of pornography, Alexey Drozd explains.
"The purpose of such intimidation and blackmail is to extort money or push the victim into other illegal, often socially dangerous acts," the expert says. — It is possible that schemes with such blackmail will only become more popular over time.
According to Izvestia's interlocutor, such fraud techniques are more dangerous than simple theft of money or data. After all, the victim can be manipulated in any way: to achieve everything from involving other users to causing direct physical harm to people or infrastructure facilities. The options are limited only by the imagination of the attackers.
How to protect yourself from the risks of "undressing" services
According to experts interviewed by Izvestia, today any "undressing" services are in a "gray" zone. Therefore, the most reliable way to avoid the risks associated with them is simply not to use such resources. Users of the "locker rooms" run the risk of getting access to their gadgets, losing access to personal accounts and becoming objects of blackmail.
— At the same time, the content generated by them may be publicly available, and they themselves may potentially be held accountable under the law, — says Alexey Drozd.
Trying to generate 18+ content on "undressing" sites, you can run into fraud with bank cards, because somehow you have to pay for services, adds Sergey Polunin. And the leakage of naked deepfakes created using neural networks can be interpreted as the distribution of pornography or interference with privacy, which falls under Articles 137 and 242 of the Criminal Code of the Russian Federation.
But is it possible to protect yourself from the fact that one day your personal photos will not turn into naked deepfakes? According to Yakov Filevsky, it is impossible to fully protect yourself from such threats today, especially if your photos are already in the public domain. Nevertheless, you can reduce your vulnerability to fraudsters. To do this, it is important to be aware of the digital footprint: check your privacy settings, avoid posting images from explicit angles, and monitor your subscribers.
"When deepfake content is discovered, it is necessary to record evidence (links, screenshots), and then contact Roskomnadzor, the platform where the material is posted, and law enforcement agencies," concludes Izvestia's interlocutor.
Переведено сервисом «Яндекс Переводчик»
