New Findings on the National Public Data Breach: Poor Security Measures and the Role of Infostealer Malware as a Possible Vector of Attack 

In recent months, the National Public Data (NPD) breach has been a topic of intense scrutiny, with cybersecurity experts like Brian Krebs highlighting the poor security practices that contributed to the breach’s magnitude. As we continue to analyze the aftermath, new findings have come to light that underscore the dangers posed by inadequate security measures and the rising threat of infostealer malware as a vector of attack.

New Findings: Malware Infections and Shared Credentials

Our latest investigation into the NPD breach has uncovered two instances of malware infostealer infections associated with the site recordscheck.net, which raise serious concerns about the security of the affected infrastructure.

Infection #1: Shared Credentials or Compromised Systems?

The first case involves a user named Sal Verini, whose email and username were found alongside numerous credentials from creationnext.com. This overlap suggests two possible scenarios:

  • Shared System Usage: Sal may have used the same computer as someone from creationnext.com, leading to a potential cross-contamination of credentials.
  • Credential Sharing: Alternatively, Sal may have shared his credentials with someone at creationnext, raising the risk of unauthorized access.

Both scenarios point to poor security practices that could easily be exploited by attackers, leading to significant data breaches.

Infection #2: Weak Security and Admin Account Exposure

The second instance is even more alarming. It involves a user named “admin” who was using one of the simplest passwords possible, “passw***”, a glaring example of weak security. Looking at the autofill data, this account appears to be linked to Thomas S, a young independent software developer in Togo. The infection date was recorded as May 26, 2023.

Were these infections the vector of attack to the NPD breach?

Recent breaches have increasingly been traced back to infostealer malware, which harvests credentials and other sensitive information from infected systems. These stolen credentials and cookies are then used to gain unauthorized access to networks, leading to data breaches and other cyber-attacks.

In the case of the NPD breach, it’s plausible that infostealer malware was the vector of attack. The presence of shared credentials and weak security practices only amplifies this risk, as attackers can use these stolen credentials to infiltrate systems and exfiltrate valuable data.

A Call for Better Security Practices

The NPD breach serves as a stark reminder of the importance of robust security practices. The use of weak passwords, sharing of credentials, and reliance on autofill features are all practices that can lead to catastrophic breaches. Organizations must prioritize security by implementing strong, unique passwords, minimizing the use of autofill for sensitive information, and regularly monitoring for signs of malware infections.


Verifying the National Public Data Breach: The Largest Social Security Number Exposure in History

There have been conflicting reports recently published related to the National Public Database (NPD) breach, including claims that “3 billion people have been exposed,” or that “all U.S. social security numbers (SSNs) may have been stolen,” as well as confusion on the quality and veracity of the data.

This blog seeks to clarify and shed light on the real risk and exposure of the breach based on in-depth analysis of the data.

Key highlights of this National Public Data Breach analysis:

  1. How many people were affected?

Based on our analysis, the total number of unique individuals affected by the breach are:

This represents 60% of all historical SSNs issued by the IRS, marking the largest volume of SSN exposure on the dark web to date.

  2. Who is affected?

The data is outdated and goes back to the beginning when SSNs were first issued in 1936, including deceased individuals. Some insights include:

  • Only a small percentage of the SSNs exposed include those assigned within the last 20 years.
  • The larger population affected was born between 1950 and 1970, as shown in the graph below:
Date of birth for individuals affected by this breach
  3. What is the quality of the data?

The data comes from a poor collection operation from a mix of sources and includes many errors. We created tests to evaluate information with minimal accuracy that may pose some risk for identity attacks.

Data is always being updated on an ongoing basis, which most likely explains why the quality changes dramatically depending on the age of the data.

Note that even if there are deceased individuals in the dataset, the highest proportion of actionable information affects the living population.

The graph above shows the percentage of identities that have the minimal accuracy required to pose a risk to identity attacks.

  4. What is the magnitude of the risk of this dataset?

Even if only 51% of the SSNs exposed hold a minimal quality to be used in identity attacks, this translates to added risk to an unprecedented 138 million people.

Again, even though the dataset includes many deceased individuals, the highest proportion of actionable information affects the existing population.

Analysis of the Data

Total SSNs Exposed

The total number of unique SSNs from the combination of Part 1 and Part 2 is 272 million. Since each SSN can only be assigned to one person, this is also the total number of people who had their SSNs exposed, if all the SSNs are true.

The IRS has assigned 453 million from the 1 billion total possible. This means that this dump exposes 60% of the total historical SSNs. The distribution of SSNs is shown below.

Social security number distribution

Total Number of People Impacted

In the subsequent section, it’s noted that there are 21 million exposed email records not linked to an SSN. Dividing this by 1.1 (the average number of emails per person) reveals an estimated 19 million individuals whose emails were exposed without their SSNs. Adding these 19 million individuals to the 272 million with exposed SSNs, the total number of people affected by the NPD breach amounts to 292 million.

Detailed Numbers

All National Public Data Breach:

  • Unique People: 294 million
  • Unique SSNs: 272 million
  • Unique Emails: 32 million

Detailed information from each package:

  • Part 1, also called “partial”:
    • Records: 42,084,115
    • Unique SSNs: 16,229,269
    • Unique emails: 32,052,804
    • Unique emails not associated to an SSN: 21,539,497
    • Unique SSNs with one or more emails: 10,513,307
    • Average number of emails per person: 1.1
  • Part 2, also called “full”:
    • Records: 261,538,219
    • Unique SSNs: 261,538,218
    • Emails: 0
    • Unique emails: 0

Quality Tests

The data consists of a mix of different sources from scraping of non-public sources according to the class action lawsuit. This has led to concerns regarding the quality of the data with a number of people reporting real findings as well as erroneous ones.

Testing SSNs

The most difficult step when testing the accuracy of SSNs is to have a good quality test dataset. Unlike emails and other credentials, SSNs have rarely been exposed in substantial volumes and are difficult to validate due to their sensitive nature — people generally do not and should not disclose their SSN publicly.

At Constella, we can leverage our extensive experience in protecting millions of identities for nearly 10 years. To assess the validity of SSNs, we gathered 100,000 records containing SSNs that were previously exposed in different breaches and leakages and were tagged as “high confidence” by our Alert Engine.

SSN Numbers Test

Out of the 1 billion potential 9-digit SSN combinations, the IRS has assigned only 46%. Our first test was designed to verify the authenticity of the SSN numbers in isolation, without considering any accompanying information like names, addresses, phones, etc.

76% of the SSNs we tested were found in the NPD data.

Minimal Accuracy Test

Despite having a robust test dataset, verifying identity information presents significant challenges, particularly when an email is not included, due to the ambiguity in identity details:

  • Names often have variations, such as aliases, abbreviations, or different spellings in surnames. Additionally, individuals may change their surnames due to marriage or other reasons.

For example, in our dataset, a man listed as Miguel Guz*** appeared as Michael Guz*** in the NPD dataset, a woman recorded as Josie So*** was listed as Osie So***, a surname Giess***l appeared as Phillip Giess*** without the final “l”, and a woman named Deborah was referred to as Debra.

  • Addresses and phone numbers are also subject to change over time, further complicating the verification process. For this reason, when alerting SSN records it is quite rare to find a full match of an SSN exposed identity and the identity being tested.

Due to these variations, seeking exact matches between the test dataset and the data under review is often not very productive, as perfect alignment of details is rare. However, partial matches of the data can be sufficient for impersonation attacks, or can be completed with other datasets, or used for creating synthetic identities.

We created tests to evaluate how many of the records include enough real information to pose an actual risk of an identity attack. The test checks whether an SSN, a first name, and a third identity attribute (a surname, DoB, address, or phone) match. For example, a record in which the first name, surname, and SSN all match passes the test.

Only 51% of the identities passed the test. This percentage is highly dependent on the age of the person, however, and is much higher for the younger population: data from people born in the 1990s produced a 90% match, from the 1980s 73%, and from the 1970s 58%.
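The minimal accuracy test and the per-decade pass rate described above, written out as an added Python example (not Constella's code). The field names, the exact comparison after normalization, the 1850 floor for plausible birth dates, and the sample records (constructed, using the never-issued 000 SSN area) are all assumptions.

```python
import re
import unicodedata
from collections import defaultdict
from datetime import date

# Third attributes named in the text: surname, date of birth, address, phone.
THIRD_ATTRIBUTES = ("surname", "dob", "address", "phone")


def norm_ssn(value):
    """Keep digits only; None unless exactly nine digits remain."""
    digits = re.sub(r"\D", "", value or "")
    return digits if len(digits) == 9 else None


def norm_text(value):
    """Case-fold, strip accents and punctuation, collapse whitespace."""
    text = unicodedata.normalize("NFKD", value or "")
    text = "".join(ch for ch in text if not unicodedata.combining(ch))
    text = re.sub(r"[^a-z0-9 ]", " ", text.casefold())
    return " ".join(text.split()) or None


def norm_phone(value):
    """Compare on the last ten digits so country prefixes do not matter."""
    digits = re.sub(r"\D", "", value or "")
    return digits[-10:] if len(digits) >= 10 else None


def norm_dob(value, today=None):
    """Parse YYYY-MM-DD; 'impossible' dates (future, or before the assumed
    1850 floor) are treated as missing rather than as evidence."""
    try:
        dob = date.fromisoformat(value or "")
    except ValueError:
        return None
    return dob if date(1850, 1, 1) <= dob <= (today or date.today()) else None


NORMALIZERS = {"ssn": norm_ssn, "first_name": norm_text, "surname": norm_text,
               "dob": norm_dob, "address": norm_text, "phone": norm_phone}


def normalize(record):
    return {field: fn(record.get(field)) for field, fn in NORMALIZERS.items()}


def passes_minimal_accuracy(known, candidate):
    """True when SSN, first name and at least one third attribute agree."""
    a, b = normalize(known), normalize(candidate)
    if not a["ssn"] or a["ssn"] != b["ssn"]:
        return False
    if not a["first_name"] or a["first_name"] != b["first_name"]:
        return False
    return any(a[f] is not None and a[f] == b[f] for f in THIRD_ATTRIBUTES)


def pass_rate_by_decade(known_records, dump_records):
    """Share of known identities, grouped by birth decade, for which some
    dump record with the same SSN passes the minimal accuracy test."""
    by_ssn = defaultdict(list)
    for rec in dump_records:
        ssn = norm_ssn(rec.get("ssn"))
        if ssn:
            by_ssn[ssn].append(rec)
    totals, passed = defaultdict(int), defaultdict(int)
    for known in known_records:
        dob = norm_dob(known.get("dob"))
        decade = f"{dob.year // 10 * 10}s" if dob else "unknown"
        totals[decade] += 1
        candidates = by_ssn.get(norm_ssn(known.get("ssn")), [])
        if any(passes_minimal_accuracy(known, c) for c in candidates):
            passed[decade] += 1
    return {decade: passed[decade] / totals[decade] for decade in totals}


# Constructed reference identities (stand-ins for a "high confidence" set).
KNOWN = [
    {"ssn": "000-11-0001", "first_name": "Ana", "surname": "Sample",
     "dob": "1991-04-02", "phone": "(555) 010-0001"},
    {"ssn": "000-11-0002", "first_name": "Deborah", "surname": "Example",
     "dob": "1985-07-19"},
    {"ssn": "000-11-0003", "first_name": "Luis", "surname": "Placeholder",
     "dob": "1985-01-30", "phone": "555-010-0003"},
    {"ssn": "000-11-0004", "first_name": "Mia", "surname": "Demo",
     "dob": "1972-11-05"},
]

# Constructed dump records showing the kinds of noise the text describes.
DUMP = [
    # SSN, first name and surname agree; DoB absent: passes.
    {"ssn": "000110001", "first_name": "ANA", "surname": "sample"},
    # First-name variant (Debra for Deborah): fails the exact comparison.
    {"ssn": "000110002", "first_name": "Debra", "surname": "Example",
     "dob": "1985-07-19"},
    # Misspelled surname, but the phone number agrees: passes.
    {"ssn": "000110003", "first_name": "Luis", "surname": "Placeholdr",
     "phone": "+1 555 010 0003"},
    # Only SSN and first name agree; the future DoB counts as missing: fails.
    {"ssn": "000110004", "first_name": "Mia", "dob": "2999-01-01"},
]

if __name__ == "__main__":
    for decade, rate in sorted(pass_rate_by_decade(KNOWN, DUMP).items()):
        print(f"{decade}: {rate:.0%}")
```

The Deborah/Debra pair shows how sensitive the pass rate is to the name-matching rule: with exact comparison the record fails even though the SSN, surname and DoB all agree.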

Age of the Data

Only 56% of the records include a Date of Birth. These records contain some “impossible” dates, such as dates of birth in the future or in the first century, affecting a total of 8,900 identities. In analyzing the distribution across decades, the most populated ones are the 1950s and 1960s.

In conclusion, the larger portion of the population was born between 1940 and 1980. The data is quite outdated, with a sharp drop in recent years, and it goes far back into the past, with 1 million people born in the 1900s decade.

About the Breach Package

The breach, initially linked and recently attributed to the data provider National Public Data, was orchestrated by the cybercriminal group USDoD, who allegedly tried to sell the stolen data on the dark web for $3.5 million. This incident underscores the significant risks associated with unauthorized data collection and highlights the critical need for enhanced data protection measures, particularly for individuals in sensitive positions.

The breach first came to light on July 22, 2024, when a malicious actor known as Petrovic released an 80GB partial dataset on BreachForums. While this initial leak was considerable, it was merely the tip of the iceberg, revealing only a glimpse of the total compromised data.


By August 6, another hacker named Fenice released the complete dataset, totaling 277GB and 2.69B lines, making this one of the largest data breaches in history.


Versions and Additions. What’s included in our Analysis

On top of the main data, there are additional files with dumps, including a criminal list with 2.8 million criminal records and another one with 2.1 million arrest records.

Some versions of the dump seem to have aggregated other 3rd party leak packages – Troy Hunt reports finding an Acuity directory with 100 million unique emails.

None of them include SSNs, and we won’t include those in this analysis, which will be focused on the core NPD database.

Constella launches ScamGPT: Combatting Hyper-Targeted AI Scams using Generative AI

Warren Buffett’s prediction that AI scams are set to become the next major “growth industry” serves as yet another indicator of the transformative shift AI is bringing to cybercrime.

The days of easily identifiable phishing scams, typified by poorly worded emails or typo errors, are long gone. Today, AI can mass-produce hyper-personalized scams that include personal information and are crafted with a level of sophistication that makes them indistinguishable from genuine communications.

The Rise of Hyper-Targeted Scam Attacks

Generative AI enables criminals to automatically scrutinize an individual’s profile, pinpoint specific vulnerable details, and craft highly targeted scams. These attacks, promoted by dark web services such as FraudGPT and WormGPT, meticulously incorporate aspects of the victim’s work, relationships, hobbies, and family life, using actual names, websites, bank account details, and more. The specificity and relevance of these scams make them appear incredibly legitimate, which often lowers the victim’s guard and increases the effectiveness of the fraud.

Imagine receiving an email that appears to be from the bank branch in your town, referencing specific recent transactions and using your and your spouse’s full name. This scenario, once the hallmark of a well-crafted phishing attempt, is now commonplace due to AI’s ability to synthesize detailed information and craft convincing narratives. Each piece of compromised information is a vulnerability exploited by these scams, eroding traditional defenses and necessitating innovative countermeasures.

ScamGPT: Simulating Fraudster’s AI Scams

There is an urgent need to develop robust human defenses capable of detecting and mitigating AI-driven scams effectively to combat these evolving threats. Educational initiatives must highlight the potential consequences of compromised information and the new ways criminals can exploit it to orchestrate seamless scam narratives.

Constella’s all-new ScamGPT solution generates AI scams like fraudsters do to educate and build human defenses so users are trained to detect real scam attacks when they come in the future.

Automatic Profiling of the Victim: Surface of Attack

Powered by the world’s largest data lake comprising over one trillion identity assets, paired with the company’s proprietary AI profiling engine, ScamGPT gathers information about the victim using ID Resolution.

Generative AI Scams

Now that the system knows the victim in depth (emails, services used, locations, skills, relationships), Constella’s trained ScamGPT generative AI model generates scams that include real and very specific information to lower the victim’s defenses.

In the following example, ScamGPT uses the information gathered to identify that the target’s bank is Wells Fargo, and so automatically generates a Wells Fargo email with appropriate branding, and information pertinent to the target, including the bank number, spouse name, and address for the nearby branch office.

In another example, it identifies the model of the target’s car and even the VIN number to create the following email:

In another startling and scary example, ScamGPT impersonates a LinkedIn data identification representative, utilizing genuine user information and harnessing the full conversational capabilities of Generative AI to respond to the user’s inquiries.

The example simulates a scam attempt from an AI-generated female agent using compromised data to win the user’s trust.

Conclusion

As AI continues to evolve, so too will its application in both legitimate and criminal activities. The escalation of AI-driven scams underscores the imperative of building robust user and employee defenses. This can only be done through awareness and training to create a human firewall that is able to recognize a voice call attack where no software can protect users and employees.

By understanding the capabilities and risks associated with AI in cybercrime, organizations and individuals can better prepare themselves to navigate this complex and rapidly evolving digital landscape.

How to Address the FBI Warning on Synthetic Identities: The North Korean Infiltration of Fake Employees

With fake and synthetic identities emerging as a potent tool for nefarious actors, the threat of cyber deception looms large. Recent revelations shed light on the sophisticated tactics employed by individuals seeking to infiltrate organizations using fraudulent personas. This blog explores the evolving landscape of synthetic identities, the imperative for businesses to bolster their defenses, and Constella’s innovative response with its Advanced Know Your Employee (KYE) solution.

Unveiling the Elaborate Ruse

Across industries and borders, malicious actors are employing elaborate strategies to deceive organizations and gain unauthorized access. Through fake names, counterfeit documents, and meticulously crafted online profiles, these actors seek to exploit vulnerabilities and compromise sensitive information. Constella’s advanced capabilities, leveraging the world’s largest data lake of more than 1 trillion assets collected from the surface, deep, and dark web, can reveal the widespread presence of synthetic identities across freelancing platforms, online communities, and even within existing organizations, underscoring the pervasive nature of this threat.

The Mechanics of Synthetic Identities

Synthetic identities are not merely a collection of false information but carefully constructed personas designed to evade traditional verification processes. Fraudsters combine real and fabricated data to create these identities, making them harder to detect. This sophisticated approach allows them to open bank accounts, apply for credit, and gain employment under assumed identities.

According to a TransUnion report, synthetic identity fraud reached record levels in 2023, with U.S. lender exposure to synthetic identities reaching a staggering $2.9 billion.

Warning on a Global Scale: A Call to Vigilance

Late last year, Reuters broke a startling revelation: The North Korean government had been orchestrating a covert operation using synthetic identities to infiltrate Western companies, aiding its weapons programs.

In this high-stakes investigation, Constella’s solution helped to sift through millions of data points to identify anomalies and potential threats. This capability is invaluable in helping organizations uncover synthetic identities, that is, fake personas constructed using a combination of real and fabricated information. By cross-referencing data from various sources, Constella is able to pinpoint inconsistencies that flag potential synthetic identities used by operatives or other malicious actors.

On May 16, 2024, the FBI issued an advisory to help companies recognize and counter threats related to fake IT workers entering the U.S. workforce. Stressing the importance of rigorous identity verification processes, the advisory outlined red flags and specific measures, including comprehensive background checks and video interviews. The imperative for businesses to enhance their identity verification processes and fortify their defenses against cyber deception has never been clearer. That same day, the DOJ announced multiple arrests linked to the scheme, targeting individuals who facilitated using stolen identities. Among those arrested was Christina Marie Chapman from Arizona, who ran “laptop farms” to help North Korean IT workers remotely access company networks under false pretenses. These actions are part of a broader strategy to dismantle the network and hold those who enable such fraud accountable.

Constella’s Groundbreaking Response: Advanced KYE Solution

Constella Intelligence introduced its Advanced Know Your Employee (KYE) solution in response to the escalating threat landscape. Leveraging our proprietary AI profiling engine and the world’s largest data lake comprising more than one trillion assets, this innovative solution empowers organizations to uncover synthetic identities and manage internal identity risks with unparalleled precision. From continuous monitoring to enhanced identity verification, Constella is revolutionizing internal risk management in an era marked by sophisticated cybercrime and fraud.

Empowering Organizations with Proactive Risk Mitigation

Constella’s Advanced KYE solution equips organizations with unrivaled capabilities for proactive risk mitigation:

Insider Monitoring

Identify and address potential threats through continuous scanning and comprehensive analysis. The solution offers insights into employee activities, helping organizations detect and mitigate risks before they escalate.

Contractor and Portfolio Monitoring

Safeguard investments and supply chain integrity with ongoing insights into contractor activities. This feature is particularly crucial for businesses that rely on third-party vendors and freelancers.

Fraudulent Employee Provisioning

Enhance traditional background checks by uncovering potential risk factors inaccessible through conventional means. This includes deep web searches and cross-referencing multiple data sources to verify employee identities.

A Paradigm Shift in Internal Identity Risk Management

As AI technology continues to evolve, its applications in fraud prevention will expand. Advanced KYE is just the beginning. Future innovations will incorporate more sophisticated approaches and broader applications, further enhancing an organization’s ability to detect and prevent synthetic identity fraud and threats.

A Collective Call to Action

As businesses navigate the complexities of the digital landscape, the threat of synthetic identities and internal risks looms. Constella’s Advanced KYE solution offers hope, enabling organizations to uncover and mitigate internal identity risks with unprecedented accuracy. Are you ready to fortify your organization against cyber deception? Discover how Constella’s Advanced KYE solution can empower your business. Schedule a free demo today and embark on a journey towards enhanced cybersecurity resilience.

Leveraging Deep OSINT to Enhance Financial Institution Fraud Prevention

The ongoing need for financial institution fraud prevention presents continuous challenges that can have far-reaching impacts on trust and financial stability. Open-Source Intelligence (OSINT) is increasingly recognized as a crucial element in the strategic toolkit for fraud prevention within financial institutions. In fact, fraud scams and bank fraud schemes resulted in $485.6 billion in losses globally last year, according to Nasdaq’s 2024 Global Financial Crime Report released last month.

The Critical Role of Deep OSINT in Financial Service Fraud Prevention

Classic OSINT involves the collection and analysis of information from publicly accessible sources to identify potential threats or fraudulent behavior before it causes harm. In the financial sector, this means leveraging a variety of data points from websites, internet forums, and social media. Constella has expanded classic OSINT with Deep OSINT, which adds the Deep & Dark Web, where much larger amounts of information are held and 1 trillion identity assets can be found.

Constella’s Hunter: A Beacon for Financial Fraud Prevention

Constella Hunter exemplifies the application of Deep OSINT in the financial sector. Hunter’s capabilities enable financial institutions to delve deep into the digital realm to uncover and attribute fraudulent activities to real-world identities. By analyzing data across multiple layers of the internet—including the obscure corners of the dark web—Hunter provides unparalleled visibility into potential threats.

Operational Benefits of Deep OSINT in Financial Institutions

Using OSINT tools like Hunter, financial institutions can streamline their fraud detection processes. This includes:

  • Cyber Attribution: Quickly linking suspicious activities to real identities, thereby reducing the time from detection to response.
  • Risk Assessment: Incident response teams can assess risk and prioritize depending on who the attacker is. An apparently small event should be taken very seriously if the attacker is an important adversary.
  • Enhanced KYC Compliance: Supporting Know Your Customer (KYC) efforts by providing detailed background checks and identity verification to prevent fraud.
  • Know your Employee & Insider Threat Detection: Identifying unusual or unauthorized activities that could suggest internal fraud.
  • AML and Sanction Lists compliance: Financial institutions use Deep OSINT to investigate money laundering and can detect engagement with a sanctioned entity.

The Strategic and Competitive Advantage of Deep OSINT

For financial institutions, the integration of Deep OSINT into their cybersecurity and fraud prevention strategies provides a competitive edge. It allows for a more comprehensive understanding of the threat landscape, better risk management, and more effective protection of customer assets and information. By deploying Constella’s Deep OSINT solutions, financial organizations can not only defend against fraud but also enhance their operational efficiency and maintain regulatory compliance.

As financial institutions navigate the complexities of the modern threat landscape, Deep OSINT provides a powerful tool for enhancing fraud prevention strategies. Constella Intelligence’s Deep OSINT solutions offer the depth, breadth, and analytical capabilities necessary to safeguard against the evolving tactics of cybercriminals and fraudsters in the financial sector.

For financial leaders interested in strengthening their fraud prevention systems, exploring Constella Intelligence’s Deep OSINT capabilities can be a significant step toward securing their operations in the digital age. Schedule a demo today to get started.

Deep OSINT: Unlocking the Power of the Deep & Dark Web

Over the past decade, the Deep & Dark Web has emerged as a staggering repository of tens of billions of exposed identities adding up to more than one trillion identity assets exposed, an unprecedented volume that defied all expectations. These identities stem mostly from massive breaches, leakages affecting some of the world’s largest companies and organizations.

Classic Open Source Intelligence (OSINT) primarily depends on publicly available information that individuals consciously choose to share or make public. It involves gathering data from sources like social media, public records, websites, and publications. In this approach, investigators primarily work with data that authors, individuals, or organizations have intentionally put into the public domain. Classic OSINT very often depends on the mistakes or disclosures made by the subjects themselves, as they control what they choose to publish.

In stark contrast, Deep OSINT data consists of information that was never intended for such widespread disclosure. It was very hard to imagine 10 years ago that our private information would be shared at such a scale. That is why Deep OSINT is so powerful in finding connections between bad actors: it is information whose exposure was unintended and that they never thought would be made public.

Actor Investigations and the Role of Deep OSINT

What makes this reservoir of data truly remarkable is that it encapsulates the digital histories of most internet users spanning the last 15 years. This treasure trove of information has opened new horizons for large-scale investigations into actors operating on the internet.

Examples of these investigations are the Reuters investigations of North Korean IT workers using fake names, sham LinkedIn profiles, counterfeit work papers and mock interview scripts, and the many investigations that Brian Krebs has conducted, taking down criminal networks.

It’s crucial to emphasize that this resource should only be harnessed in the realms of fraud and crime investigations, where it can be an invaluable tool in the pursuit of justice and security.

Deep OSINT’s Critical Role in Fraud Detection

Automating these investigations at scale using AI allows the assessment of thousands or even millions of profiles for fraud detection.

In the fight against fraud, deep OSINT plays a pivotal role through:

  • Advanced KYC (Know Your Customer)
  • KYE (Know Your Employee) screening and Insider Detection
  • Synthetic identity fraud detection, which spots fictitious identities created by merging real and fake information.

By harnessing the power of a data lake consisting of over one trillion assets, Constella Intelligence provides an unparalleled level of detection abilities, crucial in today’s intricate cyber threat landscape.

Deep OSINT as the New Frontier in Cyber Investigations and Fraud

Fraud detection and security service providers, as well as enterprises, can benefit immensely from deep OSINT capabilities. As evidenced by Constella Intelligence, whose expertise in AI-driven identity risk intelligence and deep OSINT investigations has set a benchmark in the industry, the integration of deep OSINT into security measures is not just an option; it is a necessity for robust digital defense mechanisms.

Revolutionizing Identity Theft with AI

How are we revolutionizing identity theft with AI? In an age where digital footprints are as unique as fingerprints, the concept of identity has become the new perimeter in cybersecurity. Each compromised identity represents a potential vulnerability, an entry point that can be exploited through sophisticated identity attacks. Against this backdrop, Constella Intelligence leads the charge against digital identity threats with a cutting-edge, AI-driven approach. This comprehensive strategy not only anticipates potential threats but also actively engages users in safeguarding their digital presence through innovative technologies and simulations. Here’s a closer look at how Constella is reshaping the landscape of identity theft protection.

Introduction to AI-Driven Identity Theft

As we navigate the digital age, marked by unparalleled connectivity and convenience, we’re also faced with sophisticated threats to personal identity security. Cybercriminals are constantly crafting new methods to exploit personal information for malicious ends. In response, Constella Intelligence harnesses the power of Artificial Intelligence (AI) to establish a dynamic and robust defense mechanism. This initiative goes beyond merely responding to threats, aiming instead to preempt them and marking a proactive shift in the cybersecurity paradigm.

Simulating Fraudsters’ AI Tools to Gather Information

In the shadowy corners of the internet, a service known as FraudGPT is being sold to criminals eager to exploit AI for malicious purposes. Constella’s response is to fight fire with fire. By employing the same advanced AI technologies used by cybercriminals, Constella introduces AI-Driven Identity Resolution as a shield against identity theft. This method utilizes Constella’s vast data repositories to generate a sophisticated risk intelligence graph, crafting a detailed Risk Profile for each individual.

This approach delves deep into the digital identity mosaic of each user, examining Personally Identifiable Information (PII), online behaviors, and social connections to uncover vulnerabilities. By comprehending the intricate web of a user’s digital life, Constella can anticipate and neutralize potential threats with unparalleled precision. This proactive defense mechanism provides users with a personalized shield, leveling the playing field in the ongoing battle for digital security.

Hypertargeted Attack Simulations with AI

A fundamental aspect of Constella’s strategy for user education and preparedness is the deployment of hypertargeted attack simulations. These AI-powered simulations are intricately designed based on the specific vulnerabilities and exposed data of an individual. By simulating realistic scam scenarios, Constella offers a safe and informative environment for users to learn, react, and adapt. Far from being generic, these simulations are tailor-made to reflect the threats that an individual is most likely to face, significantly enhancing the learning experience. This hands-on approach equips users with the ability to discern and counteract identity theft attempts, thus bolstering their digital resilience.

Setting a New Standard – Revolutionizing Identity Theft Protection

Constella Intelligence’s AI-driven approach to identity theft protection heralds a paradigm shift in cybersecurity. Through meticulous monitoring, personalized scam simulations, and an emphasis on user education, Constella tackles not just the symptoms of digital threats but their root causes. By empowering users to defend themselves effectively, Constella not only boosts individual security but also fosters a safer digital ecosystem for all.

As digital threats continue to evolve, the importance of informed, proactive individuals in the fight against identity theft cannot be overstated. Constella’s initiative serves as a testament to the belief that in this battle, an educated user is the best defense, underscoring the critical role of each digital identity in the broader cybersecurity perimeter.

The New Identity Risk AI Model

In the dynamic landscape of cybersecurity, Constella transcends its role as a data company, revolutionizing Identity Risk through cutting-edge AI-driven intelligence. The new AI model leverages Constella’s vast repository of greater than one trillion assets to protect against Identity Theft and assess Identity Risk.

From a Massive Data Lake into an Intelligence Risk Graph 

Constella has transformed its extensive identity data lake, sourced from various internet domains, including the Dark Web and social media, into a sophisticated risk intelligence graph. The graph gathers all the exposed information about a person across 15 years of activity, providing a complete attack surface and a comprehensive Risk Profile.

A New Era of Identity Theft Protection: AI-Driven Scam Simulations 

As the leader in Digital Identity Theft monitoring, Constella focuses on proactive defense mechanisms against identity theft by scanning underground communities for unauthorized information exposure.  

This new phase introduces an advanced AI model designed to produce simulated hyper-targeted and customized identity scams, serving as a crucial educational and awareness tool. Constella aims to train and educate consumers about potential cyber-attacks by simulating real attacks from a criminal’s perspective. 

Each compromised identity in the hands of criminals represents a potential vulnerability that targeted identity attacks will exploit. The new AI-driven simulations mimic those attacks, helping users build a human firewall to better protect themselves in the digital world.

An Investigation Copilot to Reveal Bad Actors  

Constella’s data lake also powers fraud and law enforcement OSINT investigation teams, which uncover bad actors and insiders with unparalleled depth, enabling a new level of scrutiny in the fight against cyber threats.

With Constella’s AI model, investigators now have access to an AI Copilot that automates the investigation and assessment of potential bad actors on an unprecedented scale. The actual process of pivoting, finding new data, reviewing, and pivoting again is now done by the Copilot, a significant efficiency gain for the investigators.

Monitoring Identity Risk at Scale to Protect from Fraud 

Leveraging Constella’s data lake with a rich digital history spanning 15 years, the new Constella AI automatically assesses millions of identities, offering fraud teams a powerful new tool to combat online fraud.    

Key applications include: 

  • Screening at Onboarding (KYC): Identifying and preventing onboarding of bad actors and risky profiles using 15 years of user activity history while preserving privacy.
  • Detection of Synthetic Identities: Simulating and scoring the risk of newly onboarded users being fake or fabricated.
  • Automatic Monitoring of Potential Insiders: Vigilantly tracking organizational activities to promptly identify and address insider threats.

A Company Transformation into an Intelligence Powerhouse 

The leap from a data-centric company to an intelligence-focused organization marks a significant milestone for Constella. The automation of AI Identity Resolution, coupled with Identity Theft scam generation provided by Generative AI Large Language Models, enables the creation of thorough attack surfaces and customized scam simulations to protect and educate users.  This transition reflects a significant evolution in the fight against cybercrime. Constella, now an intelligence hub, is a testament to innovation’s power in creating a safer digital world. 

Stay informed and prepared. In the digital age, knowledge is not just power but protection.