Reported by: Alex Zeltcer

Anti-money laundering (AML) measures, such as Know Your Customer (KYC), that crypto operators are also required to follow have been a boon for fraudsters who know where the loopholes are in this legislation. The fact is, however, that over 75% of all fraudulent activity comes from KYC-verified accounts. That statistic should serve as a clear warning to any organization still relying on it as the sole way to verify transactions.

Despite the safeguards, identity verification does not work as well in the digital era.  Manipulation of it takes place primarily in two ways:

1. Through fraudsters scouting for targets in small networks of users in the dark web who are seeking “quick cash” and 
2. Through the purchase of an actual KYC-verified account list on the dark web, that likely also includes individuals unaware that their account (perhaps through social engineering) has been hijacked.

Potentially, any account, once it earns KYC verification, can easily sell the account credentials to buyers around the world. Based on various factors, one of these accounts can be worth between $50 to $150. 

The fraudster then leverages the legitimacy of the KYC verification to make another transaction. With each transaction, it achieves more legitimacy, and of course, more profit for the fraudster until the fraud is discovered and shut down. For the account holder who was manipulated and was unaware of the takeover, there is a surprising discovery of credit card charges which, of course, will be disputed and charged back. Similarly, the “crypto mules” will pretend they were unaware of a takeover and do the same. In either scenario, the result is the issuing FIAT bank will withdraw the funds from the merchant, who in this case is the cryptocurrency exchange, and will pay back the account holders (i.e., both the legitimate and illegitimate ones).

Read full report: https://www.benzinga.com/amp/content/30203976