BANKS' FACIAL SCANS FALL TO STOLEN BIOMETRIC DATA

Fraudsters operating from money-laundering centers in Southeast Asia are leveraging readily available tools to impersonate legitimate customers. Virtual camera software sold through Telegram channels enables attackers to bypass facial recognition checks by overlaying stolen biometric data onto live video feeds. The attack targets popular banking apps across multiple regions, with Vietnamese banking platforms among those affected. Criminals combine stolen facial data—harvested from data breaches or identity theft—with deepfake and spoofing technology to pass automated verification systems. Major banks rely on KYC facial scans to prevent fraud and money laundering. However, the sophistication and accessibility of circumvention tools suggest these defenses are insufficient. Security researchers warn that as biometric authentication becomes standard across financial services, criminals are simultaneously improving their ability to defeat it. The discovery highlights a critical weakness: while banks implement advanced facial recognition, the underlying biometric data they depend on remains vulnerable to theft and misuse.