Constella Intelligence

Main Menu

The Future of Identity Protection: Real-Time Threats and Scams

Alberto Casares on November 5, 2024

In today’s digital landscape, protecting your identity from real-time threats is more critical than ever. As a cybersecurity expert, I’ve seen an evolving spectrum of threats that go far beyond traditional identity theft. From classic dark web doxing to the advent of fullz—full identity kits sold for a few dollars—threat actors are leveraging these methods for a new breed of real-time scams, amplified by cutting-edge technology.

Recently, a project by Anh Phu Nguyen  and Caine Ardayfio demonstrated the capability to integrate facial recognition technology with Meta’s smart glasses, allowing instant identification of strangers. This development marks a significant leap from the traditional static forms of identity theft into real-time exploitation, where personal information is weaponized in the moment.

Classic Doxing and Fullz on the Dark Web

For decades, doxing and the sale of fullz (complete identity kits) have been staple methods of cybercriminals on the dark web. Doxing involves collecting and publicizing personal information such as home addresses, phone numbers, and social media profiles, often with the intent to embarrass, harass, or intimidate. OSINT tools (Open-Source Intelligence) allow attackers to scrape social media profiles, public databases, and breached datasets to compile detailed profiles on their victims. Once exposed, this data is used for targeted harassment or extortion.

Meanwhile, fullz provide a more comprehensive set of personal details, typically including social security numbers, financial data, and other sensitive information that can be exploited for identity theft. The sale of fullz on dark web marketplaces has enabled identity theft and financial fraud on a massive scale. For a relatively small fee, threat actors can purchase a victim’s entire identity, making it easy to perform account takeovers, create fake profiles, or apply for credit in the victim’s name.

In the past, these methods were effective but static. Attackers could steal and use personal data long after it was exposed. Today, however, advancements in technology have transformed these identity theft techniques into dynamic, real-time threats.

Real-Time Identity Exploitation: The New Era of Scams

The rise of facial recognition technology combined with wearable devices, like Meta’s smart glasses, introduces a new dimension to identity theft. By pairing this real-time data collection with pre-existing fullz or other doxing techniques, threat actors can instantly exploit an individual’s identity on the fly.

real-time threats

In this I-XRAY demonstration, Meta’s smart glasses were modified to scan faces in public, instantly cross-referencing them with public social media data and possibly with compromised identity information. Imagine walking down the street, unaware that someone can identify you, access your data, and target you with personalized scams—all in real time. This shift turns identity theft into a real-time, hyper-targeted activity.

Here’s how this modern version of doxing and scamming might unfold:

  • Real-time recognition: A malicious actor equipped with facial recognition on smart glasses could walk through crowded public spaces and instantly identify individuals based on a match with their leaked photos from social media or other sources. This is no longer hypothetical; the proof-of-concept has already been demonstrated.
  • Instant exploitation: Once an individual is identified, scammers could access their leaked fullz from the dark web, providing them with a detailed set of personal information. They could then approach the target in real-time, pretending to know them, creating a social engineering scenario where the victim believes the scammer is a legitimate acquaintance or authority figure.
  • On-the-spot phishing: Imagine being approached by someone who knows your full name, email, address, and the last few digits of your social security number. When they ask you to verify some information the victim could easily fall into the trap of handing over even more sensitive information—like bank account details—without realizing they’ve been scammed until it’s too late.

The Role of AI in Amplifying Real-Time Threats

AI plays an integral role in the future of identity scams. It allows for the rapid analysis and deployment of identity data, enabling new, sophisticated scams that were previously unimaginable. Here are several ways AI can enhance these real-time threats:

  • AI-Powered Deepfakes: Threat actors can combine AI-generated deepfakes with real-time data to impersonate individuals in both video and audio formats. By using AI to craft believable but fake messages or phone calls, scammers can extort or deceive people more convincingly than ever before.
  • Automated Identity Theft at Scale: AI tools can automate the collection and correlation of personal data across multiple sources—social media, leaked data, and public records—faster than any human could. This allows threat actors to assemble profiles on victims quickly, accelerating identity fraud.
  • Behavioral Analysis and Predictive Attacks: AI can analyze online behaviors to predict the types of scams most likely to succeed on a given target. For example, someone frequently searching for job opportunities could be targeted with a fake job offer, exploiting the victim’s immediate needs.

Insights from Experts: Combating Modern Threats

As highlighted previously, cybersecurity in the age of AI and real-time technologies requires an updated approach. The reliance on static data protection strategies, such as password managers or even two-factor authentication, is no longer sufficient. We need to implement dynamic identity monitoring, where AI-driven systems track unusual behavior related to your digital presence in real-time.

How Constella is Protecting Your Identity

At Constella, we are dedicated to staying ahead of evolving threats by leveraging cutting-edge AI technologies and continuous monitoring to provide comprehensive identity protection. Our unique approach not only covers traditional dark web monitoring but also focuses on a broader range of sources across the surface web, ensuring a proactive stance against emerging scams and data leaks. Here’s how we’re tackling the future of identity theft:

  1. Real-Time Identity Alerts: Our system is designed to provide real-time alerts when personal information is exposed across both the surface web, data brokers, and the dark web. Unlike traditional solutions that focus solely on the dark web, Constella offers a multi-source approach. This comprehensive coverage allows us to detect threats before they escalate, offering early warnings on a broader scale than any single-source monitoring service.
  • Advanced Dark Web Monitoring: We continuously scan the dark web to detect any exposure of your personal information, whether it has been compromised by infostealers or exposed through data breaches. Our unique approach involves not just scraping the dark web but correlating this data with surface web activities, giving you a more holistic view of your identity exposure. This enables a faster response to potential threats before they result in fraud or exploitation.
  • AI-Driven ScamGPT: Leveraging our proprietary AI technology, ScamGPT simulates potential scams that you may be targeted by using your own exposed personal information. This proactive approach allows us to train you before threat actors attempt a real attack, helping you recognize and avoid personalized phishing schemes, social engineering attempts, and other forms of exploitation. By generating potential scam scenarios based on your specific data profile, we ensure you are better prepared for what’s coming, long before the attackers strike.
  • Surface of Attack Mapping: Constella’s unique AI technology creates a detailed view of your real surface of attack, analyzing how your compromised information could be used against you. Using algorithms developed in collaboration with law enforcement agencies (LEAs), we connect the dots in the same way threat actors do, identifying all possible avenues they could exploit to target you. This approach allows you to see your vulnerabilities from the perspective of an attacker, enabling you to take targeted actions to secure those areas before they become active threats.

By integrating these advanced tools and methodologies, Constella provides a comprehensive identity protection solution designed to stay one step ahead of modern identity theft techniques. Our AI-driven insights ensure that you are equipped to defend against both current and future threats, safeguarding your personal information in an ever-changing cyber landscape.

Potential Surge in Cryptocurrency Leaks

Alberto Casares on August 27, 2024

Increase in Cryptocurrency Leaks After Trump Supports Bitcoin

Recently, Constella Intelligence has observed an increase in attacks and data breaches resulting in cryptocurrency leaks. This surge could be partly attributed to comments made by former President Donald Trump in support of Bitcoin, which may have heightened hackers’ interest in these sites.

Former President Donald Trump has recently positioned himself as a pro-crypto presidential candidate. During his keynote speech at the Bitcoin 2024 conference in Nashville, Tennessee, held from July 25-27, 2024, Trump emphasized the transformative potential of cryptocurrencies. He pledged to make the United States a leader in Bitcoin mining and digital asset management.

These comments could have caused crypto-related sites to increase in value, making them more attractive targets for cybercriminals. As Bitcoin prices surge, the incentive for attacks on these platforms grows, highlighting the need for robust security measures.

Crypto Leaks Overview

In the first half of 2024, over 250 possible breaches or leaks related to cryptocurrencies, NFTs, and Bitcoin have been reported. These potential breaches could have affected users of various cryptocurrency platforms, including Bitcointalk, Crypto.com, Binance, eToro, and others.

Below are examples of how threat actors are offering information about these crypto-related sites on the Dark Web

Zuelacoin Data Leak:

zyelacoin cryptocurrency leak

This information was published on March 31, 2024. According to the threat actor the data includes:

  • Emails
  • Names
  • Social media profiles (Twitter, Facebook, Telegram)

Binance Cryptocurrency Leak:

Binance Cryptocurrency Leak

The post was made on May 27, 2024. The exposed information includes:

  • Emails
  • Full names
  • Phones
  • Countries

Mobile Apps like CashCoin, Coinbase, and KuCoin:

Mobile Apps like CashCoin, Coinbase, and KuCoin

The threat actor “whix” published this on March 26, 2024. The exposed information includes:

  • Emails
  • Usernames
  • Passwords
  • Countries
  • IP Addresses
  • Payment methods

eToro Cryptocurrency Leak:

eToro Cryptocurrency Leak

The same threat actor also reported this on March 25, 202, where the following information could be found:

  • Full names
  • Emails
  • Countries
  • IP Addresses
  • Amounts
  • Payment methods

Bitcointalk Cryptocurrency Leak:

Bitcointalk Cryptocurrency

According to the threat actor on March 25, 2024, a database exposing the following information was published:

  • Emails
  • Usernames
  • Ethereum Addresses

These platforms are integral to the crypto ecosystem, providing services such as trading, wallet management, and social interaction for crypto enthusiasts.

Extent of Infostealer Exposures

Constella Intelligence has checked if the information published could have been produced as the effect of infostealer infections. This check resulted in nearly 4 million users of these cryptocurrency companies being exposed to infostealer data. Most exposures have impacted major cryptocurrency exchange platforms:

  1. Binance: More than 2M users exposed.
  2. EToro: More than 500k users exposed.
  3. Crypto.com: More than 300k users exposed.
  4. Localbitcoins: More than 200k users exposed.

Digging into the infostealer exposures, Constella Intelligence also identified what seems to be infostealer infections of potential employees of some of those companies, including Binance.com, eToro.com, Crypto.com, and Localbitcoins.com, among others.

Implications of Crypto-Related Breaches

The exposure of such extensive and sensitive information has significant and far-reaching implications as it endangers the financial security and privacy of millions of users. The compromised data can be exploited for various malicious activities:

  1. Identity Theft: Personal information such as full names, addresses, and birthdays can be used to steal identities.
  2. Financial Fraud: Payment methods and transaction histories can be exploited to conduct unauthorized transactions.
  3. Phishing Attacks: Email addresses and social media profiles can be used to create convincing phishing scams.

Recommendations for Users

To mitigate the risks associated with the recent breaches, users should adopt the following security practices:

  1. Use Strong, Unique Passwords: Ensure that each cryptocurrency account has a strong, unique password. Consider using a password manager to generate and store complex passwords securely.
  2. Enable Two-Factor Authentication (2FA): Adding an extra layer of security through 2FA can significantly reduce the risk of unauthorized access to accounts.
  3. Monitor Crypto Transactions Regularly: Keep a close watch on your cryptocurrency transactions and wallet activity to detect any unauthorized activities. Early detection can help prevent significant financial losses.
  4. Be Wary of Phishing Attempts: Be cautious with emails and messages requesting personal information or directing you to log in to your accounts. Verify the authenticity of such requests through official channels.
  5. Update Security Settings on Crypto Platforms: Regularly review and update your security settings on cryptocurrency exchanges and wallets. Ensure that all recovery options are up-to-date and secure.

2024 Identity Breach Report: Navigating the GenAI Attack Revolution

Rachel Hamasaki on August 21, 2024

The cybersecurity landscape is rapidly evolving, and our 2024 Identity Breach Report: Welcome to the GenAI Attack Revolution offers essential insights into how artificial intelligence (AI) and complex data sets are transforming the threats we face today.

The New Face of Phishing: AI-Powered Scams

This year’s report highlights a dramatic shift in phishing tactics. With tools like FraudGPT and advanced natural language processing (NLP), phishing attacks have moved beyond the outdated Nigerian prince emails to become hyper-personalized and alarmingly convincing. These AI-driven attacks leverage Large Language Models (LLMs) to create realistic scams that often evade detection. Warren Buffett aptly noted that AI is propelling scamming into a “growth industry,” and research from Harvard Business Review confirms this trend, showing that AI reduces phishing implementation costs by over 95% while boosting success rates. This signifies a forthcoming surge in both the sophistication and frequency of phishing attacks.

The Escalation of Nation-State Cyber Threats

Our report also explores the rising influence of nation-state actors in cyber conflicts. In 2023, breaches linked to Russian entities were responsible for six of the top ten compromised domains, underscoring the escalation of cyber warfare. Accurate source attribution and a global data perspective are now indispensable for combating these state-sponsored threats. This approach is vital for effective defense against identity theft and for conducting thorough investigations to identify and neutralize bad actors.

The Growing Threat of Infostealers

Infostealers continue to be a significant threat in the cybersecurity landscape. These tools, which facilitate remote data exfiltration and theft, have seen a substantial increase in usage. Our report reveals a 140% rise in infostealer incidents since 2021, with no signs of this trend slowing. Infostealers remain a critical concern, emphasizing the need for advanced security measures to protect both consumer and corporate data.

Why This Report Matters

The 2024 Identity Breach Report provides crucial insights into the evolving cyber threat landscape shaped by AI and data complexities. Understanding these developments is essential for enhancing your cybersecurity strategies and effectively addressing the risks of identity exploitation and cyberattacks.

Stay Ahead of Emerging Threats

To safeguard your organization against sophisticated threats, staying informed is key. The 2024 Identity Breach Report equips you with the knowledge needed to navigate the changing cybersecurity terrain. Stay ahead of emerging risks and protect your organization with the latest insights and recommendations from our in-depth analysis.

Constella Web Logo white e1703116556868

Constella.ai is the global leader in AI-driven identity risk and deep and dark web intelligence for such applications as identity theft, insider risk, synthetic identity fraud detection (Advanced KYE/KYB), and deep OSINT investigations.

With the world’s largest breach database, containing over one trillion data attributes in 125+ countries and over 53 languages, Constella empowers leading organizations across the globe to monitor and secure critical data through unparalleled visibility and actionable insights. 

Linkedin

API Integrations

Identity Monitoring

Deep OSINT Investigations

Identity Fraud Detection

Digital Risk Protection Platforms

Executive and Brand Digital Protection

OSINT Cybercrime Investigations

Threat Monitoring and Alerting

INSIGHTS

Blog

News and Events

Resources

USE CASES

Protect Your Users From Identity Theft

Protect Your Employees From Compromised Identities and Credentials

OSINT Investigations, Profiling, and Identity Mapping

External Digital Risk Protection for Organizations

Intelligence-Grade Monitoring and Data Collection

Fraud Detection Through Continuous Identity Risk Scoring

Subscribe To The Constella Newsletter

©2025 Constella Intelligence. All rights reserved.     Website Privacy Policy.     Terms of Use.     Datalake Privacy Notice.      Acceptable Use Policy.