Pages:
Author

Topic: Be careful with your identity documents and KYC (Read 423 times)

hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
As far as I understand, the situation is more likely stealing from the person who's data is stolen/leak and then bought by that person and then use it to create a P2P account which is already considered as identity theft to be able to buy crypto using the victim's identity and money. I would say that this is more likely a financial theft and identity theft made by that person or a group of people. Well, it's up for others on how they see this situation but that's how I see it and anyway, the important thing is that you share it for other people to be aware of such scheme. After all, it's better to be safe than sorry.
legendary
Activity: 2716
Merit: 1225
Once a man, twice a child!
Those victims that are giving their bank details and allows these culprits to gain access on it must really be too gullible at all and greedy at the same time.

Honestly, I can't imagine that someone goes to that point but it's a real thing because I've seen several posts in many socials that this happens. Too sad for those type of victims.

They're unsuspecting as well and whilst the banking details have been taken, there should be like a 2FA system from the bank to call the victim's name if unsuspected transaction has been made.
Sometimes, one's boxed into a corner where one will have to provide certain documentations to enable one benefit from features on the sites one is on. For instance, to be able to enjoy the P2P facility on Cexs, one has to provide one's bank details to be able to transact there. So, you see, it's not that those who tender such are that stupid. There are security features allowed for users to strengthen their accounts (2FAs and all that) and most times these security breaches don't come from users but the exchanges when hacks happen on them and users' data base are compromised.

If whether merely submitting personal info that don't include bank details can lead to banks hacks, I don't think so. For those who always say it will, how does that work? If you want to say because names and addresses and phone numbers are given, don't we also have those information with the national identity card centres in our various countries? How come no one has looked into that as a possible way of bank account hacks too?
legendary
Activity: 2268
Merit: 18748
what I meant by kyc documents being public document is in the sense that,  most of the documents we present for verifications are all documents that we have are requested and used by their party,  e.g your driver license which is use for kyc verification os a public document because the road safety can ask for it from you or even the police,  including the banks,.
Yes, but not random people on the street. There is also a big difference between showing your drivers license to a single officer who pulls you over, and scanning it in to electronic send it with unknown security to an unknown third party for unknown storage and unknown distribution.

As you say, banks request to see these documents for proof of ID and to open accounts, loans, credit cards, etc. Given that, then you can clearly see why letting random strangers have access to these documents poses a massive financial risk.
legendary
Activity: 1946
Merit: 1157
MAaaN...!! CUT THAT STUPID SHIT
Once your KYC data has been leaked, it is almost trivial for a scammer to perform a SIM swap attack and take control of your phone number.

Exactly, scammers can go any lent they want to try to get access and steal someone else's funds.
This is why keeping your funds in those exchanges is highly risky because they get your data when you pass the KYC verification, coupled with the fact that in the exchange in which you store your cryptos, you don't have the keys,  so you can easily get screwd.

Giving out your identity or passing the KCY process poses a gigantic kind of risk, it means that you have granted someone access to your privacy, and those details could be used to commit various cyber crimes if sold out. These cases are as a result of an insider job,


It's pretty awful for an insider to do a dirty job like this. Many exchanges in the past have closed and have KYC data of their users and it is possible that this data can be sold so it is very risky. But some large Exchanges like Binance currently do not rule out the possibility of doing the same thing if they have a lot of user KYC data.
Depositing KYC is the choice of each user, or you can use fake KYC.
hero member
Activity: 1008
Merit: 520
Leading Crypto Sports Betting & Casino Platform
Far from it mate,  I think highest the identity theft can do is to create some fake accounts on some social media
This is simply incorrect. In the US alone, identity theft affects ~40 million individuals each year and costs those individuals upwards of $50 billion:

https://javelinstrategy.com/2022-Identity-fraud-scams-report
https://javelinstrategy.com/research/2023-identity-fraud-study-butterfly-effect

Once someone has your identity, they can take out loans in your name, open credit cards in your name, use your insurance to rack up enormous bills, commit tax fraud in your name, and more.

most of the documents we provide during KYC are all public documents like ID,  Passport and signature,  this is all public information that anyone can get access to.
What? In what country do you live in that individuals' personal ID cards and passports are public information that anyone can look up?
I think we have misunderstood ourselves a bit and I need to step in to clear something to make my point better understand by you boss,  what I meant by kyc documents being public document is in the sense that,  most of the documents we present for verifications are all documents that we have are requested and used by their party,  e.g your driver license which is use for kyc verification os a public document because the road safety can ask for it from you or even the police,  including the banks,.
So that point of view is where I am looking at it from that is said,  KYC document at public properties since it for their party usage.
hero member
Activity: 2814
Merit: 576
Damn, this is sad. I mean imagine you are scamming people online and then you get a case against you from Binance and you never did any transaction nor you have an account which got that money deposited. Binance surely needs to look into this if it's happening a lot. I mean, they need to make the P2P requirements much better and secure for others. And payments should only be allowed from pre-approved payment methods.
This is really unfortunate on the part of victims. They lose their money without knowing that they have deposited in an exchange and Binance is totally not aware of it. So maybe it’s a lesson that one should be cautious when and where to give his KYC that links to his account. Sometimes, scammers are not just outsiders from an exchange, but some scammers are actually doing inside job. Well that’s even more pathetic.
hero member
Activity: 966
Merit: 588
Once your KYC data has been leaked, it is almost trivial for a scammer to perform a SIM swap attack and take control of your phone number.

Exactly, scammers can go any lent they want to try to get access and steal someone else's funds.
This is why keeping your funds in those exchanges is highly risky because they get your data when you pass the KYC verification, coupled with the fact that in the exchange in which you store your cryptos, you don't have the keys,  so you can easily get screwd.

Giving out your identity or passing the KCY process poses a gigantic kind of risk, it means that you have granted someone access to your privacy, and those details could be used to commit various cyber crimes if sold out. These cases are as a result of an insider job,



 
legendary
Activity: 2268
Merit: 18748
Far from it mate,  I think highest the identity theft can do is to create some fake accounts on some social media
This is simply incorrect. In the US alone, identity theft affects ~40 million individuals each year and costs those individuals upwards of $50 billion:

https://javelinstrategy.com/2022-Identity-fraud-scams-report
https://javelinstrategy.com/research/2023-identity-fraud-study-butterfly-effect

Once someone has your identity, they can take out loans in your name, open credit cards in your name, use your insurance to rack up enormous bills, commit tax fraud in your name, and more.

most of the documents we provides during KYC are all public documents like ID,  Passport and signature,  this is all public information that anyone can get access to.
What? In what country do you live that individuals' personal ID cards and passports are public information that anyone can look up?
hero member
Activity: 1008
Merit: 520
Leading Crypto Sports Betting & Casino Platform
The case in your OP is different from the usual seller refusing to release funds from escrow or buyer not actually sending funds but marked the order as paid, etc.
Thank you for telling me this. I have edited the OP to make it perfect for people to understand. The people that submit their KYC documents to scammers unknowingly are the victims which are not even involved in the transaction between buyer and seller, but because their bank account details was known to the scammers, it was used to make transaction from the victims bank account.

I see this as a way not to steal directly from the victim's bank account, but instead, they use it to buy crypto from a centralized exchange.
Far from it mate,  I think highest the identity theft can do is to create some fake accounts on some social media but having to involve the bank details or control of the bank account of the victim is no longer KYC document linkage,  for such extent of transaction to happen with victims account there most be either an insider or a time the bank account holder may have comprise the log in security of their bank account.
So I don't believe in that assumption that once your KYC documents are comprise your bank accounts are also comprised,  because this are two different things,  let not forget that,  most of the documents we provides during KYC are all public documents like ID,  Passport and signature,  this is all public information that anyone can get access to.
newbie
Activity: 3
Merit: 0
If we want to summarize I would say stay cautious in the crypto world. Protect your personal information, be mindful of KYC requests, and do your due diligence before engaging in any campaigns or airdrops. Let's all work together to create a safer environment for crypto enthusiasts, both new and experienced.

As, Promoting awareness and vigilance within the community is essential to ensure that everyone can enjoy the benefits of the cryptocurrency space while minimizing the risks associated with it.
sr. member
Activity: 1610
Merit: 264
~
Well people would everything just for the sake of earning something. Back then, I almost gave away my personal infor when airdrops were still like a hot topic here in the forum and good thing I didn't really do that. What's more alarming from this is that scammers might even do it through dark web and God knows what will happen to the victim once the people found out about not just the banking information but also their personal information.

Reality is people wouldn't stop risking that action until they encountered the consequences involved with it.
sr. member
Activity: 658
Merit: 441
Most people don't know the risks when they submit their personal documents to CEX and other crypto platforms as these could be used by bad actors to cause great harm to them. I read this article[1] by GazetaBitcoin, which reveals an interesting story of the identity theft of a young man whose life was wrecked apart by the scammer. This is one of the many ways KYC can be used against you, some persons are even languishing in jail for crimes they did not commit.

KYC should be avoided at all cost because of the dangers it pose. I do make use of Kucoin when it was a KYC free exchange, but the moment KYC became compulsory I had to stay away. DEX and P2P trading are better and safer.

1. What happens when your identity is stolen - real story || Avoid CEXs!
legendary
Activity: 2268
Merit: 18748
Those victims that are giving their bank details and allows these culprits to gain access on it must really be too gullible at all and greedy at the same time.
Is everyone who uses a centralized exchange gullible and greedy? Maybe you can argue such people are gullible, when they believe that the centralized exchange will keep their data safe, or keep their documents secure, or cares even the slightest about what happens to your KYC information. Every centralized exchange out there has leaked KYC data one way or another, whether it was a hack, sharing it with shady third parties, or even just selling it outright.

sometimes we have little to no choice, for example, if we want to trade a coin which is only listed in one exchange with mandatory KYC or to simply use any of the top, regulated, crypto (and not crypto) services.
You always have a choice. You can choose not to trade that shitcoin or choose not to use that service. That's what I do, and I get by just fine. Wink

I'm still wondering how the scammers used the stolen data to create an account in Binance and set up a P2P trading account because if you want to set up a P2P trading account you will have to add your bank account details and a verification code will be sent to your phone number to prove you are the one setting up the P2P trading account. How do the scammers bypass the Binance P2P verification process
Once your KYC data has been leaked, it is almost trivial for a scammer to perform a SIM swap attack and take control of your phone number.
sr. member
Activity: 476
Merit: 316
Get $2100 deposit bonuses & 60 FS
I was reading this, that bitcoin and other crypto were banned in India in 2018. The ban was lifted, but later 30% crypto tax was imposed on crypto users and this led to Indians preferring to exchange crypto and rupee within themselves which can be on decentralized exchanges or centralized exchanges.

How the P2P scams happen

One way P2P scammers steal user data is with the help of fake crypto-centered channels on Telegram that promise high profits or airdrops. Many gullible users looking to make a quick profit often join these channels and share their personal banking information. In many other cases, the scammer simply buys or steals the user’s personal information.

The stolen data is then used to create a P2P account on any popular P2P platform — Binance and WazriX are common in India.

The scammer then initiates a buy order on the P2P platform looking for unsuspecting sellers. Once they match with a seller, they send the money to the seller using the victim’s account. Thus, they complete the P2P transaction on the platform where the buyer receives the cryptocurrency and the seller receives the money in their bank account.

The buyer (scammer) then vanishes with the crypto and the victim whose bank account was used to send the money only realizes it after the money has been deducted from their bank account.

The scammers will have the information to bank details and other necessary personal documents of the victim through fake airdrops and other means to lure the victims to provide their data. They will use the victim's documents and necessary bank details to register on a centralized exchange. Create a centralized exchange P2P buy order, using the victim's money that he has in the bank to pay and receive crypto in return. The scammer will transfer the coins out of the exchange.

You can read about this in complete from https://cointelegraph.com/news/crypto-p2p-scams-india

Avoid giving out your personal documents and personal data because it can be used to steal all your money.
I'm still wondering how the scammers used the stolen data to create an account in Binance and set up a P2P trading account because if you want to set up a P2P trading account you will have to add your bank account details and a verification code will be sent to your phone number to prove you are the one setting up the P2P trading account. How do the scammers bypass the Binance P2P verification process
hero member
Activity: 658
Merit: 545
I'm curious about how one could create a Binance account using fraudulent documents when they have a live face verification process. Other platforms might only ask for bank statements and government-issued ID cards. If that's the case, those platforms should consider modifying their verification methods. However, we must remain cautious and avoid falling for the idea of easy money through Airdrops. Sharing documents for a small amount of money can be risky and potentially lead to scams.
You are right, and I think it will be very difficult for scammers to carry out these type of scams in Binance because of the face verification attached to its KYC proceedure. There are Some other exchanges that doesn’t ask for face verification and they only ask of some national identification cards and bank accounts details which make it easy for scammers to make use of these exchanges and create account with someone else documents on the platform. I think such exchanges should learn from Binance and adopt a face verification system to prevent this kind of scam from happening.

Scammers use Airdrop as a hub for their fraudulent activities; they use it to entice victims and obtain their personal information by offering them a small sum of money. As a result, we should exercise caution while participating in airdrops and when disclosing personal information in order to pass KYC verification and be qualified to receive a small number of tokens. There are now very few legitimate airdrops, and they are no longer worthwhile. Let's refrain from giving personal information to an unrecognised or untrustworthy website.
hero member
Activity: 938
Merit: 605
Leading Crypto Sports Betting & Casino Platform
I was reading this, that bitcoin and other crypto were banned in India in 2018. The ban was lifted, but later 30% crypto tax was imposed on crypto users and this led to Indians preferring to exchange crypto and rupee within themselves which can be on decentralized exchanges or centralized exchanges.

How the P2P scams happen

One way P2P scammers steal user data is with the help of fake crypto-centered channels on Telegram that promise high profits or airdrops. Many gullible users looking to make a quick profit often join these channels and share their personal banking information. In many other cases, the scammer simply buys or steals the user’s personal information.

The stolen data is then used to create a P2P account on any popular P2P platform — Binance and WazriX are common in India.

The scammer then initiates a buy order on the P2P platform looking for unsuspecting sellers. Once they match with a seller, they send the money to the seller using the victim’s account. Thus, they complete the P2P transaction on the platfrom where the buyer receives the cryptocurrency and the seller receives the money in their bank account.

The buyer (scammer) then vanishes with the crypto and the victim whose bank account was used to send the money only realizes it after the money has been deducted from their bank account.

The scammers will have the information to bank details and other necessary personal documents of the victim through fake airdrops and others means to lure the victims to provide their personal data. They will use the victims documents and necessary bank details to register on a centralized exchange. Create a centralized exchange P2P buy order, using the victims money that he has in bank to pay and receive crypto in return. And the scammer will transfer the coins out of the exchange.

You can read about this in complete from https://cointelegraph.com/news/crypto-p2p-scams-india

Avoid giving out your personal documents and personal data because it can be used to steal all your money.
I am still trying to understand how someone will be giving out his financial account details online to some entity he doesn't know in a chase for airdrops. That's one easy ways to be stupid you know!

For a person to complete a p2p transaction on binance you must have undergone different process of kyc and when you're the buy then it means you still undergo another KYC from your bank before you can transfer your funds. So for a scammer to be able to gain success in all of this process is either the bank is suffering from a weak security which makes it unfit for modern banking. Or the individual must be brainless to have render his bank pin, password, email address, and OTP,  but how's this possible to let out all these information to a stranger when you ain't at a gun pointed to your head?
legendary
Activity: 1932
Merit: 2354
The Alliance Of Bitcointalk Translators - ENG>SPA
-snip-

The scammers will have the information to bank details and other necessary personal documents of the victim through fake airdrops and others means to lure the victims to provide their personal data. They will use the victims documents and necessary bank details to register on a centralized exchange. Create a centralized exchange P2P buy order, using the victims money that he has in bank to pay and receive crypto in return. And the scammer will transfer the coins out of the exchange.

You can read about this in complete from https://cointelegraph.com/news/crypto-p2p-scams-india

Avoid giving out your personal documents and personal data because it can be used to steal all your money.

Although that is true, and we should never compromise our personal documents and data for a few bucks shitty airdrops like the ones you mention grant, sometimes we have little to no choice, for example, if we want to trade a coin which is only listed in one exchange with mandatory KYC or to simply use any of the top, regulated, crypto (and not crypto) services.

We need a solution for this problem. How can we be identified and, at the same time, prevent our data from being leaked? could cryptography help?
full member
Activity: 728
Merit: 151
Defend Bitcoin and its PoW: bitcoincleanup.com
I was reading this, that bitcoin and other crypto were banned in India in 2018. The ban was lifted, but later 30% crypto tax was imposed on crypto users and this led to Indians preferring to exchange crypto and rupee within themselves which can be on decentralized exchanges or centralized exchanges.

How the P2P scams happen

One way P2P scammers steal user data is with the help of fake crypto-centered channels on Telegram that promise high profits or airdrops. Many gullible users looking to make a quick profit often join these channels and share their personal banking information. In many other cases, the scammer simply buys or steals the user’s personal information.

The stolen data is then used to create a P2P account on any popular P2P platform — Binance and WazriX are common in India.

The scammer then initiates a buy order on the P2P platform looking for unsuspecting sellers. Once they match with a seller, they send the money to the seller using the victim’s account. Thus, they complete the P2P transaction on the platfrom where the buyer receives the cryptocurrency and the seller receives the money in their bank account.

The buyer (scammer) then vanishes with the crypto and the victim whose bank account was used to send the money only realizes it after the money has been deducted from their bank account.

The scammers will have the information to bank details and other necessary personal documents of the victim through fake airdrops and others means to lure the victims to provide their personal data. They will use the victims documents and necessary bank details to register on a centralized exchange. Create a centralized exchange P2P buy order, using the victims money that he has in bank to pay and receive crypto in return. And the scammer will transfer the coins out of the exchange.

You can read about this in complete from https://cointelegraph.com/news/crypto-p2p-scams-india

Avoid giving out your personal documents and personal data because it can be used to steal all your money.
OP post should be taken seriously by airdrop hunter, like the new comers they thought putting information on the airdrop give them more chance, to win lots of money they are all.wrong instead their information sometimes passwords were collected and can be sold in the darkweb, sometimes also can be use by scammers in an airdrop, and pretend that the information is them.
copper member
Activity: 1470
Merit: 1609
Bitcoin Bottom was at $15.4k
Damn, this is sad. I mean imagine you are scamming people online and then you get a case against you from Binance and you never did any transaction nor you have an account which got that money deposited. Binance surely needs to look into this if it's happening a lot. I mean, they need to make the P2P requirements much better and secure for others. And payments should only be allowed from pre-approved payment methods.
legendary
Activity: 2576
Merit: 1043
Need A Campaign Manager? | Contact Little_Mouse
I'm curious about how one could create a Binance account using fraudulent documents when they have a live face verification process.
Technology is growing at a rapid pace to the point that it becomes a problem for most of the users already. With AI, for sure this will happen even more in the future. Deepfake the pictures, AI, and a bit of knowledge is what the scammers need in order for this to be successful, and can't be detected by Binance.

I always watch videos on Youtube regarding Indian Scammers that are being busted by these Youtubers. I find it very entertaining for these scammers to get busted, and who will not be knowing that they're very notorious in scamming people.

This is the reason why people must not give their personal information to the public ever. The problem with most of these investors is that, they're very gullible that when you say to them that they will give at least 20% interest, they will fall for it even though it costs them personal information including bank accounts. What's the solution for this? I guess letting them experience will teach them what to do next in the future. Letting them experience getting scammed will make them realize that "Ohhh I don't want to give my personal information to a random stranger anymore", but TBH, this is a no-brainer already because why in the hell will give your personal information into somebody that you don't know personally.

Overall, this post is all about awareness for those newbies out there who are trying to join into these scam telegram channels. Please don't join, don't give information to strangers, don't be too gullible, and be vigilant.
Pages:
Jump to: