Siege of the selfie?
Panic is building amid social media claims that hackers can now use AI to extract fingerprints from posted pics of people innocently flashing peace signs.
The alarm seems to have originated from a Chinese television segment that aired this April.
The clip in question features financial expert Li Chang demonstrating how taking a peace-sign selfie could leave you vulnerable to hackers who could steal your prints and use them for identity theft, phishing attacks, and to gain access to personal accounts.
The segment showed fingerprint ridges becoming visible after the image was enhanced with photo-editing software and AI tools.
Chang emphasized the danger, explaining that while passwords can be changed or reset, biometric data such as fingerprints and voice cannot, leaving victims permanently vulnerable.
“The threat is real, underappreciated, and accelerating,” Bryan Lopez, a cybersecurity and AI technology leader at Microsoft, told Newsweek.
“What previously required forensic laboratory resources is now within reach of motivated, non-specialist actors,” he continued.
While rare, there have been incidents of fingerprints being pulled from pictures.
In 2014, hacker Jan Krissler — also known, inexplicably, as “Starbug” — announced that he used a close-up photo of European Commission President Ursula von der Leyen’s thumb, along with other images taken from various angles during a press event, to recreate her fingerprint.
“High-resolution cameras now capture sufficient fingerprint ridge detail that AI-assisted reconstruction tools can produce workable biometric templates from social media images,” said Lopez.
While pulling prints is theoretically possible, other experts maintain it is improbable.
“This sounds like the stuff out of spy novels or ‘Mission Impossible’,” Vyas Sekar, an electrical and computer engineering professor at Carnegie Mellon University, told CBS News.
According to Sekar, to execute the scam, a hacker would need access to the physical scanner that unlocks with your fingerprint.
Further, he shared that the average person is unlikely to be the victim of a fingerprint scam, as hackers would need to be “fairly determined” to execute such a plan and are more likely to focus their efforts on a “high-value target” like a filthy rich person or someone with access to a high-security facility.
Still, Sekar admits that there is some risk.
“In theory, it’s possible, especially if people are posting high-resolution images,” he said.
In the interest of preventive strategy, experts have outlined four ways to protect yourself and your prints from falling into dubious hands.
Primary among these is avoiding posting high-resolution images of your hands, particularly pics that clearly show details of your fingertips or palms.
In addition, experts maintain that multi-factor authentication, which uses more than just your fingerprint, offers additional protection if biometric information is compromised.
Officials also underscored the importance of reviewing privacy settings on social media platforms and limiting who can view your personal photos, thereby reducing the likelihood that scammers gain access to images that could contain biometric details.
Finally, folks are advised to monitor their bank accounts and to report any suspicious activity immediately.
According to the FBI, cyber scams have skyrocketed in recent years, with digital fraudsters stealing $16 billion from Americans in 2024 — a 33% increase from the previous year.
Elderly people were the most common victims, with lmost 30% of total monetary losses from people over 60.
The most common scam — with around 193,000 complaints — was phishing/spoofing, in which someone uses a false identity to convince people to share their personal details. Common phishing scams include fake toll bills, package delivery notices, or billing statements.
