Fraud-as-a-Service (FaaS)¶
Definition¶
Fraud-as-a-Service refers to the commercialized ecosystem on dark web marketplaces where fraud tools, stolen data, and attack services are sold as products — enabling non-technical criminals to conduct sophisticated identity fraud.
FaaS Marketplace¶
| Product | Price Range | What It Includes |
|---|---|---|
| Stolen identity kit | $10-100 | Name, SSN, DOB, address, credit data |
| Fake document templates | $20-200 | Editable PSD/AI templates for IDs from various countries |
| Deepfake service | $50-500 | Custom deepfake video of target person |
| eKYC bypass tutorial | $50-300 | Step-by-step guide to bypass specific providers |
| Verified account | $100-1,000 | Pre-verified accounts at banks/exchanges |
| Device farm access | $20-100/day | Access to pool of devices for multi-account creation |
Key Takeaways¶
Summary
- FaaS has industrialized fraud — no technical skill needed, just money
- eKYC bypass guides specifically target known providers — providers must continuously evolve
- Verified account sales mean even perfect eKYC doesn't stop downstream fraud if account is sold
- Defense: continuous monitoring post-onboarding + behavioral biometrics to detect account transfer