Cyberscammers are bypassing banks’ security with illicit tools sold on Telegram

2026-04-15 · Source: MIT Technology Review · Field: Technology & Digital — Cybersecurity & Data Privacy, Artificial Intelligence & Machine Learning · Depth: Intermediate, medium

Summary

Cyberscammers are actively bypassing Know Your Customer (KYC) facial recognition and liveness checks on major banking and crypto platforms using illicit tools sold on Telegram. An MIT Technology Review investigation, conducted over two months earlier this year, identified 22 public Telegram channels and groups, primarily in Chinese, Vietnamese, and English, advertising "bypass kits" and stolen biometric data. These kits often deploy virtual camera (VCam) tools to replace live video feeds with static images or deepfakes, deceiving security protocols. This rise in KYC bypasses coincides with a global expansion of "pig-butchering" cyberscams and increased scrutiny on financial institutions regarding money laundering. Cybersecurity firms like iProov and Sumsub report a significant increase in virtual-camera attacks and sophisticated fraud attempts in 2024 compared to 2023, with some financial institutions acknowledging these as industry-wide challenges.

Key takeaway

For CTOs and VPs of Engineering evaluating fraud prevention strategies, you must recognize that current KYC biometric checks are actively being circumvented by sophisticated virtual camera tools. Prioritize investing in advanced fraud detection systems that analyze broader transaction patterns and behavioral biometrics, rather than solely relying on liveness checks, to effectively counter evolving money laundering tactics and protect your platforms from financial crime.

Key insights

Illicit virtual camera tools sold on Telegram are enabling widespread bypass of KYC biometric security in banking and crypto.

Principles

• Security is a continuous cat-and-mouse game.
• Sophisticated fraud often combines multiple attack vectors.

Method

Scammers use virtual cameras (VCams) to inject pre-recorded videos or images, including deepfakes, into live video streams, bypassing KYC liveness checks and identity verification.

In practice

• Monitor Telegram for illicit bypass tool advertisements.
• Implement multi-step fraud detection beyond liveness checks.

Topics

• KYC Bypass
• Virtual Camera Attacks
• Telegram Marketplaces
• Money Laundering
• Pig-Butchering Scams

Best for: CTO, VP of Engineering/Data, Executive, AI Security Engineer, Legal Professional, Director of AI/ML

Related on AIssential

• The Download: cyberscammers’ banking bypasses, and carbon removal troubles — Illicit services exploit KYC vulnerabilities, while Microsoft's carbon removal pause impacts the nascent market.
• Smaller AI models likely powering India's escalating deepfake menace - Business Standard — Smaller, customized open-source AI models are democratizing sophisticated deepfake fraud, making detection harder and costs lower for attackers.
• software trying to catch software is officially a dead en [D] — Advanced AI renders software-based bot detection obsolete, necessitating hardware-verified biometrics for online human authentication.
• Our latest fraud and scams advisory — Online scams are evolving rapidly, employing sophisticated technical bypasses and social engineering to exploit users for financial gain.
• Crypto crime, caveats & clarity: How crypto forensics has evolved in 5 years — Official crypto crime statistics significantly underreport the true scale of illicit activity due to strict reporting standards and unreported crimes.
• What this year’s Black Friday taught security teams about agentic commerce — Agentic commerce blurs lines between legitimate and malicious automated traffic, requiring new security paradigms.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by MIT Technology Review.