Cyberscammers are bypassing banks’ security with illicit tools sold on Telegram

Scammers are exploiting a critical weakness in financial security by using illicit 'virtual camera' tools, readily available for purchase on Telegram, to bypass mandatory biometric 'Know Your Customer' (KYC) checks. An investigation by MIT Technology Review identified 22 public Telegram channels in multiple languages advertising these kits, which allow criminals to spoof facial recognition and liveness scans required by major banks and crypto exchanges. The tools work by intercepting a phone's camera feed and replacing it with a pre-recorded video or deepfake, tricking apps from institutions like Spain's BBVA, UK-based Revolut, and Binance into verifying a fraudulent identity. This enables the creation of 'mule' accounts specifically for laundering money from schemes like 'pig-butchering' crypto scams.

The proliferation of these bypass kits is directly fueling a surge in sophisticated financial fraud. Cybersecurity firms report a dramatic increase in these attacks, with iProov noting virtual-camera attacks grew over 25x globally from 2023 to 2024, while Sumsub reported sophisticated multi-step fraud attempts nearly tripled. This trend coincides with a massive scale-up of Asian scam syndicates and an estimated $17 billion stolen in crypto scams in 2025. Despite Telegram removing some channels for violating its terms, new marketplaces quickly emerge, creating a relentless cat-and-mouse game. The situation underscores how enhanced security regulations are being systematically undermined, forcing financial institutions into a continuous cycle of defensive adaptation against increasingly tool-enabled criminal networks.