AU10TIX Reports Rising Use of 'Repeaters' in Identity Fraud Preceding Mega-Attacks

AU10TIX Q1 2025 Global Identity Fraud Report

AU10TIX, a leader in the realm of identity verification and fraud prevention, has unveiled its Q1 2025 Global Identity Fraud Report, revealing a concerning trend: the emergence of a new attack strategy termed “Repeaters.” This phenomenon refers to small, subtle variations of a singular digital asset such as a facial image, document number, or background that malicious individuals are using to test the robustness of detection systems. By deploying these variations in limited numbers, fraudsters prepare for more substantial, coordinated breaches across various industries.

The report indicates that the usage of Repeaters surged by 33% from Q1 2024 to Q1 2025, fueled by the availablility of Fraud-as-a-Service (FaaS) toolkits. These kits provide a plethora of pre-packaged tools, including deepfake-generated images and image templates, enabling the creation of convincing yet fraudulent identities.

With the rapid advancements in artificial intelligence, a new wave of industrial-scale identity fraud has taken shape, particularly targeting payment platforms, cryptocurrency exchanges, and social media channels. These automated mega-attacks are characterized by orchestrated assaults involving thousands of synthetic identities, and at the heart of this trend lies the Repeater strategy.

Repeaters are specifically engineered to bypass Know Your Customer (KYC) checks and biometric security measures by imitating authentic facial movements and fooling liveness detection systems. The AU10TIX report positions these Repeaters as a critical early warning sign for businesses under threat from modern identity fraud tactics.

Fraudsters generally initiate their assaults with a mere handful of low-profile attempts, quietly probing an organization's defenses for potential weaknesses. When assessed in isolation, these fraudulent identification documents often appear genuine, thereby escaping detection. Once a few Repeaters successfully bypass an organization's KYC checks, they can then be leveraged across multiple platforms in a coordinated attack with a significantly reduced risk of detection.

To combat these novel threats, the report emphasizes that consortium validation is the only tried-and-true strategy for identifying these early warning signs. Consortium validation entails cross-referencing data among a network of organizations. While individual Repeaters may be indistinguishable from legitimate IDs at the case-by-case level, if one organization within the consortium identifies a fraudulent ID, the information can swiftly be flagged across the network.

“Repeaters represent the fingerprint of a new class of fraud—automated, enhanced by AI attacks that reuse synthetic identities and digital assets on a large scale,” stated Yair Tal, CEO of AU10TIX. He expressed pride in the company's front-line position for identifying and preventing these sophisticated fraud attempts through innovative pattern recognition and immediate consortium validation.

The report illustrates one significant mega-attack where 2,000 variations of a single synthetic identity were deployed to target numerous banking and cryptocurrency platforms. This example underscores the immense risk and speed at which Repeaters can proliferate once they infiltrate fraud ecosystems.

AU10TIX's Q1 2025 Global Identity Fraud Report also presents three actionable strategies for organizations:
1. Transition from Static to Behavioral Detection: Develop systems that track repetition across different sessions, devices, and onboarding events to identify coordinated fraud attempts at an early stage.
2. Incorporate Consortium Signals into Fraud Defenses: Since fraud rings operate across various sectors, organizations must adopt protective measures that encompass this cross-industry approach.
3. Audit for Vulnerabilities Related to Synthetic Identities: Organizations should update their defenses to recognize that deepfake content and image-template attacks can evade traditional KYC measures.

About AU10TIX

Founded in 2002, AU10TIX has established itself as a leading provider of identity verification and management solutions. It is dedicated to fostering and securing trust among individuals, organizations, and digital systems. The company's advanced AI-driven platforms shield some of the world's most recognized brands from intricate fraud schemes. With a future-proof product suite that facilitates seamless customer onboarding in as little as 4 to 8 seconds, AU10TIX proactively adjusts to new threats and compliance requirements. Notably, it offers the industry’s only fully automated global identity management system and can detect organized mass fraud attacks by evaluating traffic patterns and cross-referencing data within a consortium comprising more than 60 prominent firms. With a history rooted in airport security, AU10TIX has authenticated billions of identities and thwarted over $24 billion in identity-related fraud attempts. The company operates as a subsidiary of ICTS International N.V. (OTCQB ICTSF). Connect with AU10TIX via LinkedIn and on X at @AU10TIXLimited. For more details, visit AU10TIX.com.