CertiK: crypto fraudsters using black-market IDs

The blockchain security company, CertiK, has discovered a new scam strategy employed by cryptocurrency fraudsters as the sector continues to develop its fraud detection tools. The blockchain security company found that cryptocurrency scammers could access a “cheap and easy” black market of people willing to put their name and face on fictitious projects — all for the low price of $8. CertiK:

The “Professional KYC actors” trick projects into hacks These people, who CertiK to as “Professional KYC actors,” would occasionally voluntarily accept the position of the verified face of a cryptocurrency project to win over the community's trust before an “insider hack or exit scam.” These KYC actors can also create bank or exchange accounts for bad guys using their identities. In a blog post published on November 17, CertiK analysts claimed that they had discovered over 20 underground marketplaces where KYC actors could be hired for as little as $8 to complete straightforward “gigs,” such as meeting the KYC requirements “to open a bank or exchange account from a developing country.” More expensive tasks have the KYC actor placing their name and face on a phony enterprise. According to CertiK, most performers appear to be being taken advantage of because they are headquartered in underdeveloped nations “with an above-average concentration in South-East Asia” and receive salaries of $20 to $30 for each job. Additionally, more sophisticated standards or verification procedures may demand even higher prices if the KYC actor is a citizen of a country with minimal risk of money laundering. According to CertiK, the job market for the KYC actor was "small" compared to her previous demand for KYC-certified bank and exchange accounts. However, certain positions pay up to $500 a week if the actor takes on the role of her CEO of a villainous company. Lack of equipment and know-how in corporate teams leads to hacking. According to CertiK, “more than 40 websites claim to rate cryptocurrency projects and offer KYC badges,” but the service is either too superficial to identify scams or too amateurish. It has no value because it cannot detect insider threats through The teams behind these websites lack the necessary research methods, training, and experience. This means scammers can use these badges to trick the public and investors. 

Contrary to popular belief, blockchain transactions are open, making it difficult for fraudsters to hide their money movements. Another recent example is the work of French authorities, who used on-chain analytics to identify and prosecute five people who stole non-fungible tokens () via phishing schemes.