Texas.gov reports of a new fraud uncovered

How cyber criminals steal our documents and why.

Recently, the Texas Department of Public Safety (DPS) and the Department of Information Resources (DIR) have discovered a fraud activity involving the issuance of driver’s licenses to unauthorized persons.

It was determined that criminal organizations abroad obtained personal information through illegal means and used it to create fake Texas.gov accounts. This resulted in the issuance of fraudulent driver’s licenses to unapproved individuals. However, DPS systems remained uncompromised.

“In December 2022, the third-party Texas.gov payment services vendor alerted DPS to an increase in customers challenging credit card charges for online transactions. DPS Special Agents and our counterparts in other impacted states initiated a criminal investigation, including the Federal Bureau of Investigation and Homeland Security Investigations. Several subjects have been identified in this criminal enterprise scheme.” – states the official report.

The investigation remains ongoing, and anyone who suspects fraud or identity theft is urged to report it immediately. In addition, it is recommended that individuals regularly monitor their identity-related information and report any suspicious activity to local law enforcement.

Why would cybercriminals bother creating Texas.gov account anyway?

From the report it’s clear that the cyber criminals were aiming to receive brand new documents, precisely drivers license of a victim, while impersonating the actual person. Driver’s licenses are a common form of identification that many people carry with them at all times. This way, driver’s licenses are often required to conduct various activities, such as opening bank accounts, renting cars, and even voting, which makes them a valuable tool for criminals to use in committing other fraudulent activities.

How did it happen? Can anyone register a .gov account on my name?

Cyber criminals could have obtained the victim’s personal information in one of several ways:

One way is through data breaches where sensitive data is stolen from large organizations or websites. In this case, it might have been a car-sharing service or car rent as an example.
Another way is through social engineering tactics such as phishing scams, where criminals trick individuals into giving up their personal information by posing as a trusted entity, such as a bank or government agency. It is possible that the attackers have sent a fishing email to a victim asking to provide data for drivers licence replacement.
Quite often than not nowadays cyber criminals obtain personal information through the use of malware, such as keyloggers, that can capture sensitive data entered into a computer or mobile device.
The attacker might have equally bought this data on a darknet market.

Basically, anyone can create an account on other person’s name, if he has enough data. For example, to create a Texas.gov account, individuals typically need to provide personal information such as their full name, date of birth, and address, along with a valid email address and phone number. They may also be required to provide a Social Security number or other identifying information. With this information, cybercriminals could create fraudulent Texas.gov accounts and use them to request replacement driver’s licenses. It is important to protect personal information and monitor for suspicious activity to prevent identity theft and fraud.

How did cyber criminals use the replaced documents?

The cyber criminals fraudulent activity has been detected due to “an increase in customers challenging credit card charges for online transactions.” This means that hackers have likely registered online banking accounts on victim’s name, using the obtained documents, and tried to challenge a transaction that has been made (for example a driver’s license replacement fee). Finally, the documents alongside the bank accounts obtained by the hackers might be placed for sale in a dark market or used for money laundering.

This case demonstrates the importance of monitoring and analyzing open-source information to identify emerging threats and trends in cybercrime. By tracking and analyzing information from a variety of sources, law enforcement and cybersecurity professionals can stay ahead of evolving threats and take proactive measures to prevent them.

If you liked this article, we advise you to read our previous article about the Hong Kong exporter data breach. Follow us on Twitter and LinkedIn for more content.

Stay up to date with exposed information online. Kaduu with its cyber threat intelligence service offers an affordable insight into the darknet, social media and deep web.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.