Crime-as-a-Service Networks drive explosive surge in Digital Injection Attacks with Native Virtual Cameras, Face Swap and Synthetic Identity Technologies.

Based on iProov’ s live observations of criminal activity worldwide, it unveils the extensive scale of attack trends using readily available capabilities and sophisticated tactics against organisations relying on identity verification to secure system access and high-value transactions. In particular, the report shows a skyrocketing increase in Native Virtual Camera and Face Swap attacks.

Key findings and trends

• Native Virtual Camera attacks have become the primary threat vector, increasing by 2665 % due partly to mainstream app store infiltration.

• Face Swap attacks surged 300 % compared to 2023, with threat actors shifting focus to systems using liveness detection protocols.

• The online crime-as-a-service ecosystem grew, with nearly 24,000 users now selling attack technologies.

• Image-to-video conversion emerged as a new synthetic identity attack vector with a simple, two-step process that could impact many liveness detection solutions already in the market.

Seismic shift in attack sophistication and proliferation

Simple, lone-wolf attacks have evolved into a complex, multi-actor marketplace. iProov’ s report underscores a move towards long-term fraud strategies, with threat actors embedding stolen, bought and synthetically derived identities into the fabric of everyday online identity access points.

Some of the most insidious attacks use sleeper tactics: code that remains dormant for extended periods of time, quietly prepared to wreak havoc on networks. In contrast, other criminals are replicating attacks faster than ever, launching parallel operations across different sectors and expanding their reach into remote work systems and corporate communications.

“ The commoditisation and commercialisation of deepfakes, for instance, pose a significant threat to organisations and individuals,” said Dr. Andrew Newell, Chief Scientific Officer at iProov.“ What was once the domain of high-skilled actors has been transformed by an accessible marketplace of tools and services that low-skilled actors can now use with minimal technical expertise for maximum results.”

The scale of attacks against remote identity verification is vast, with iProov identifying exponential growth analysed across multiple vectors and an increased focus on high-value corporate targets. Among the findings, the report cites that over 115,000 potential attack combinations are possible. An included simulation illustrates the multiplier effect of combining three of the most notorious attack tools, emphasising the severe potential for widespread damage.

The challenge for traditional security frameworks

“ As the rapid proliferation of offensive tools continues to accelerate, security measures are struggling to keep up,” said Dr. Newell.“ We are moving to a world where the authenticity of digital media is becoming impossible to establish by the human eye, making this a problem not just for traditional targets but for any organisation or individual that relies upon the authenticity of digital media to establish trust.”

Static, point-in-time security measures, a collective false sense of security, and human error, exemplified by the fact that just 0.1 % of participants in a recent iProov study could reliably distinguish real from fake content, underscores the limitations of current defences. The report further emphasises that standard detection and containment protocols are not evolving as quickly as the threats, leaving organisations vulnerable for extended periods.

“ Relying on outdated security measures is like leaving the front door open to fraudsters,” said Dr. Newell.“ Success requires continuous monitoring, rapid adaptation capabilities, and the ability to detect and respond to novel attack patterns before they can be widely exploited.”

60 WWW. INTELLIGENTCISO. COM