Post Syndicated from Payal Dhar original https://spectrum.ieee.org/tech-talk/telecom/security/digital-doppelgngers-fool-advanced-antifraud-tech
With traces of a user’s browsing history and online behavior, hackers can build a fake virtual “twin” and use it to log in to a victim’s accounts
As new security technologies shield us from cybercrime, a slew of adversarial technologies match them, step for step. The latest such advance is the rise of digital doppelgängers—virtual entities that mimic real user behaviors authentic enough to fool advanced anti-fraud algorithms.
In February, Kaspersky Lab’s fraud-detection teams busted a darknet marketplace called Genesis that was selling digital identities starting from US $5 and going up to US $200. The price depended on the value of the purchased profile—for example, a digital mask that included a full user profile with bank login information would cost more than just a browser fingerprint.
The masks purchased at Genesis could be used through a browser and proxy connection to mimic a real user’s activity. Coupled with stolen (legitimate) user accounts, the attacker was then free to make new, trusted transactions in their name—including with credit cards.