In a disturbing new wave of cyberattacks, fraudsters are cracking open the defenses of global financial institutions—exposing critical weaknesses in identity verification systems. According to iProov, a global leader in biometric identity verification, a coordinated cybercrime campaign is actively targeting banks, crypto exchanges, e-wallets, and digital payment platforms across Asia-Pacific, Europe, and North America.
The iProov Security Operations Center (iSOC) has been tracking an elusive threat actor codenamed “Grey Nickel”, responsible for a surge of advanced attacks designed to bypass Know Your Customer (KYC) protocols—the very systems meant to verify and protect user identities.
Unlike older scams that relied on fake IDs or spoofed emails, these new attacks use high-end technology: deepfakes, synthetic media, and virtual camera injection. The kicker? Many financial institutions are still using outdated liveness detection tools that stop only basic threats like someone holding up a photo.
But “Grey Nickel” and other threat groups are playing on an entirely different level—exploiting the gap between current verification tools and the AI-fueled attacks now flooding the industry.
“This isn’t random. These are well-funded, specialized operations,” warned Dr. Andrew Newell, Chief Scientific Officer at iProov. “They’re not just stealing money—they’re undermining the entire digital infrastructure of modern banking.”
A growing web of attackers
iProov uncovered a global network of cybercrime rings, each using different tools but chasing the same goal: bypassing digital defenses to commit massive financial fraud.
Here’s what they’re using:
- Grey Nickel: This group uses face-swap tech and metadata manipulation to fool facial verification tools. They’ve been at it since mid-2023, first hitting Asia-Pacific, now expanding into North America and Europe.
- Virtual Camera Apps: Other criminal developers are building apps that inject fake video or audio during live KYC sessions. Some now even sync lip movement with AI-generated speech to defeat voice verification.
- Deepfake-as-a-Service: Yes, that’s a real thing. These operations sell made-to-order deepfakes and full KYC-bypass kits to clients—often aimed at crypto platforms.
- AI Fraud Forums: Criminals are now openly sharing guides on how to use off-the-shelf AI tools to generate deepfakes strong enough to break through weak identity checks.
The price tag of inaction: Millions lost
The financial damage is staggering:
- In 2024, scammers in Hong Kong used deepfakes to impersonate executives—stealing US$25.6 million from a British multinational firm.
- A BioCatch survey found over 50% of organizations lost between $5 million and $25 million to AI-powered fraud in 2023.
- The United Nations reported a 600% spike in deepfake-related activity among Southeast Asian cybercrime groups this year alone.
One of the biggest hurdles? Many financial institutions aren’t required to report these incidents. That means regulators and law enforcement often have no clear picture of the full scale of the problem—giving cybercriminals a dangerous advantage.
While the European Union is taking proactive steps (like pushing for a high-assurance EU Digital Identity Wallet to meet anti-money laundering requirements), other regions remain dangerously behind. The result: a fractured global defense system that criminals are exploiting in real time.
To fight back, iProov urges organizations to move beyond basic liveness checks and adopt contextual, risk-based identity assurance—technologies that evaluate not just the face, but the situation and behavior behind the verification attempt.
“Security needs to evolve as fast as the threats,” said Dr. Newell. “We can’t protect tomorrow’s digital economy with yesterday’s tools.”
AI has changed the game. Financial institutions must evolve or risk becoming easy prey in a new era of high-tech identity fraud.