Communications of the ACM, February 2020, Vol. 63 No. 2, Pages 16-18
News: “Dark Web’s Doppelgängers Aim to Dupe Antifraud Systems: Digital doppelgängers that fool online payment fraud detection systems are a threat to your ban balance.
By Paul Marks
“Credit card fraudsters can use these doppelgängers [detailed fake user profiles] to attempt to evade the machine-learning-based anomaly-detecting antifraud measures upon which banks and payments service providers have come to rely. ”
Deep within the encrypted bowels of the dark Web, beyond the reach of regular search engines, hackers and cybercriminals are brazenly trading a new breed of digital fakes. Yet unlike AI-generated deepfake audio and video—which embarrass the likes of politicians and celebrities by making them appear to say or do things they never would—this new breed of imitators is aimed squarely at relieving us of our hard-earned cash.
Comprising highly detailed fake user profiles known as digital doppelgängers, these entities convincingly mimic numerous facets of our digital device IDs, alongside many of our tell-tale online behaviors when conducting transactions and e-shopping. The result: credit card fraudsters can use these doppelgängers to attempt to evade the machine-learning-based anomaly-detecting antifraud measures upon which banks and payments service providers have come to rely.
It is proving to be big criminal business: many tens of thousands of doppelgängers are now being sold on the dark Web. With corporate data breaches fueling further construction of what market analyst Juniper Research calls “synthetic identities,” Juniper estimates online payment fraud losses will jump to $48 billion by 2023, more than double the $22 billion lost in 2018.
The existence of a doppelgänger dark market was first discovered in February 2019 by security researcher Sergey Lozhkin and his colleagues at Kaspersky Lab, the Moscow-based security software house. His team was carrying out their regular threat analyses on several underground dark forums, “when we discovered a private forum where Russian cybercriminals were hosting information about something called the Genesis Store,” Lozhkin says.
About the Author:
Paul Marks is a technology journalist, writer, and editor based in London, U.K.