Security researchers have uncovered a significant increase in dark web activity involving stolen identity information from Singapore citizens.
In an advisory published on Monday, Resecurity said cybercriminals are selling these stolen documents, which can be used for fraud, identity theft, impersonation scams and to bypass Know Your Customer (KYC) protocols.
Resecurity has noted a 230% increase in the number of underground vendors offering stolen identity data from Singaporeans over the previous year. This surge is linked to a rise in data breaches compromising various online platforms storing consumer information.
In April 2024, in particular, there was a marked increase in data dumps on the dark web, with thousands of records available for sale. These records often include biometric data, such as fingerprints and facial information, which are reused for illegal activities, including the creation of deepfakes. Additionally, nation-state actors and foreign operatives are highly interested in this data for intelligence gathering.
According to Resecurity, a significant portion of the stolen data was found on XSS, a prominent underground forum. Resecurity’s analysis indicates that multiple breaches are not publicly disclosed by the affected organizations, leaving victims unaware and unable to replace their compromised documents.
This situation is exacerbated by cybercriminals also selling templates for forged documents, making them particularly believable with advanced security features like holograms.
Singpass accounts, which provide access to numerous government and private sector services in Singapore, have also been found for sale on the dark web. These accounts are used by cybercriminals for scams, money laundering and identity theft. Despite the implementation of two-factor authentication (2FA), vulnerabilities in KYC processes are exploited, often with insider collusion.
Read more on 2FA: New Tycoon 2FA Phishing Kit Raises Cybersecurity Concerns
In June 2024 alone, Resecurity identified more than 2377 compromised Singpass accounts and notified the affected individuals. Infostealers are a primary cause of these compromises.
To mitigate these risks, individuals are advised to report stolen Singpass accounts immediately, enable 2FA, change passwords and monitor account activities closely. Businesses should implement robust digital identity protection programs to safeguard employees and customers from account takeovers and identity theft.