Selfie Concerns

There’s a growing sense of alarm as social media buzz suggests that hackers might be able to use AI to extract fingerprints from seemingly innocent selfies, especially those taken with peace signs.

This unsettling warning seems to stem from a Chinese television program aired in April this year.

The segment features financial analyst Lee Cheung, who highlights the risks of taking a selfie with a peace sign, indicating that such photos can be hijacked by hackers for purposes like identity theft, phishing, and invading personal accounts.

Cheung explains that, through image enhancement techniques using photo editing and AI, fingerprint ridges can become visible.

He points out a significant issue: while passwords can be reset or changed, biometric information—like fingerprints or even voiceprints—cannot, which leaves victims at a permanent disadvantage.

Brian Lopez, a cybersecurity leader at Microsoft, remarked, “The threat is real, underestimated, and accelerating.” He adds that what once required forensic expertise is now accessible to anyone willing to put in the effort.

Though rare, there have been instances of fingerprints being extracted from photographs. For example, in 2014, hacker Jan Crisler, also known as “Starbug,” revealed at a press conference that he recreated the fingerprint of European Commission President Ursula von der Leyen using a close-up photo of her thumb combined with different angles taken from various images.

Lopez underscores that high-resolution cameras can capture enough detail for AI-assisted tools to generate usable biometric templates from images shared on social media.

Yet, some experts remain skeptical about how feasible this really is. “It’s like something out of a spy novel or ‘Mission: Impossible,'” said Vyas Sekhar, an electrical and computer engineering professor at Carnegie Mellon University.

Sekhar notes that hackers would need access to a physical scanner that operates via a fingerprint to execute such a scheme.

According to Sekhar, while the average person is probably not a target for fingerprint fraud, hackers typically direct their efforts at “high-value targets,” like wealthy individuals or those in secure positions.

Nonetheless, he acknowledges a certain level of risk, indicating that posting high-resolution images does open some doors for culprits.

Experts have compiled a few strategies to ward off potential fingerprint theft. First and foremost, avoid sharing high-resolution pictures of your hands, especially those that detail your fingertips and palms.

Additionally, multi-factor authentication adds another layer of security beyond just a fingerprint, proving helpful if biometric data falls into the wrong hands.

It’s also wise to check privacy settings on social media and limit who can access your personal photos, thus minimizing the chance of unwanted attention from scammers.

Lastly, keep a close eye on your bank accounts and report any suspicious actions immediately.

Overall, cyber fraud has surged in recent years, with digital thieves siphoning off $16 billion from Americans alone in 2024, a 33% uptick from the previous year.

The elderly have been the most frequent victims, accounting for nearly 30% of the total financial losses, while phishing scams—where fraudsters impersonate others to gather personal information—have made up approximately 193,000 complaints, often manifesting as fake invoices or delivery notifications.