Verifying account Another trend we observed is that of threat actors looking for someone to verify their accounts. Verfying accounts on digital wallets requires details such as an ID card, social security number, home address, date of birth and even personal history. One must verify their identity in order to use all the features Apple Pay has to offer and it is not possible to add or receive a total of $500 or more without verifying an identity. On a Telegram channel we detected a threat actor looking for someone to verify an account for him on selected digital wallets. Figure 11 - The threat actor is looking for someone to vertify his digital wallet account on a Telegram channel; Source:Luminar Researching the topic on the Dark Web during 2016-2020, we see a steady increase in the willingness of threat actors to verify accounts. Phishing Digital wallets are also vulnerable to phishing campaigns although there aren’t many interactions about phishing campaigns in digital wallets on the Dark Web. Earlier this year, a Google pay phishing site was detected. The site simulates money rewards and asks the ‘winner’ to enter his bank details so the prize would be sent to his bank account. Figure 12 - A Google phishing website used to steal users’ credentials