Security researchers have discovered a significant rise in dark web activity involving stolen identity information from Singapore citizens. Resecurity, in an advisory published on Monday, revealed that cybercriminals are selling these stolen documents for fraud, identity theft, impersonation scams, and bypassing Know Your Customer (KYC) protocols. They noted a 230% increase in underground vendors offering stolen identity data from Singaporeans over the previous year, attributed to a rise in data breaches compromising various online platforms.
In April 2024, there was a notable increase in data dumps on the dark web, with thousands of records, including biometric data, available for sale. This data is reused for illegal activities, such as creating deepfakes, and is of particular interest to nation-state actors and foreign operatives for intelligence gathering. A significant portion of the stolen data was found on XSS, a prominent underground forum. Resecurity’s analysis indicated that multiple breaches are not publicly disclosed, leaving victims unaware and unable to replace their compromised documents.
Cybercriminals are also selling templates for forged documents, enhanced with advanced security features like holograms, making them highly believable. Singpass accounts, which provide access to numerous government and private sector services in Singapore, have been found for sale on the dark web. These accounts are used for scams, money laundering, and identity theft. Despite two-factor authentication (2FA) implementation, vulnerabilities in KYC processes are exploited, often with insider collusion. In June 2024, Resecurity identified over 2,377 compromised Singpass accounts and notified the affected individuals.
Reference:
