Brinztech Alert: New Fraudulent Verification Service is Detected

Dark Web News Analysis

A new illicit “verification service” has been detected being actively advertised on a known hacker forum. The operators of the service claim to provide fraudulent verification for a wide range of financial platforms, including cryptocurrency exchanges, payment systems, and traditional banks, across multiple geographies. The advertisement specifically mentions offering eSIM services, a key tool used in modern account takeover fraud, and emphasizes a tailored, professional approach to each order.

The emergence of this type of “Fraud-as-a-Service” (FaaS) represents a significant threat to the security of the entire financial ecosystem. These services are purpose-built to systematically defeat the Know-Your-Customer (KYC) and identity verification processes that institutions rely on to prevent fraud. By providing an easy way for other criminals to bypass these security measures, the service acts as a powerful enabler for large-scale account takeovers, money laundering, and direct financial theft.

Key Cybersecurity Insights

The appearance of this new service highlights several critical risks:

• A “Fraud-as-a-Service” for Bypassing Security: This operation is a professional service designed to undermine core security processes. It lowers the barrier to entry for other criminals, allowing them to outsource the difficult step of identity verification in their account takeover and fraud schemes.
• A Direct Enabler of Mass Account Takeovers: This service is the missing link for many cybercriminals. After stealing a victim’s personal data from a separate data breach, an attacker can use this service to fraudulently complete the verification process (for example, by intercepting a one-time code sent to a new eSIM), take over the account, and drain the funds.
• The Weaponization of eSIMs for Cybercrime: The specific mention of eSIM services is a significant modern threat. Criminals are increasingly abusing the convenience of eSIMs to conduct remote and rapid SIM swapping attacks, making it easier to take control of a victim’s phone number without needing a physical SIM card.  

Mitigation Strategies

To combat the threat posed by these fraudulent services, financial institutions and their customers must be proactive:

• Strengthen Identity Verification Processes: Financial institutions cannot rely on simple, single-factor verification methods. It is essential to implement multi-layered and dynamic identity checks for high-risk activities like changing a phone number or resetting a password. This can include biometric verification, liveness checks, and other advanced techniques.  
• Implement Enhanced Monitoring for Account Changes: Institutions must enhance their monitoring systems to detect and flag the precursors to fraud. An immediate red flag and temporary account freeze should be triggered by suspicious sequences of events, such as a user changing their registered phone number and immediately attempting a large withdrawal.
• Promote Public Awareness of SIM Swapping: Users need to be educated about the risks of SIM swapping and other account takeover tactics. They should be strongly encouraged to enable the strongest possible Multi-Factor Authentication (MFA) on all their financial accounts and to set up a PIN or password with their mobile carrier to make fraudulent porting of their number more difficult.  

Secure Your Organization with Brinztech As a cybersecurity provider, we can protect your business from the threats discussed here. Contact us to learn more about our services.

Questions or Feedback? For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com