A new investigation by cybersecurity firm CloudSEK has exposed a China-based criminal network, dubbed “ForgeCraft,” that sold more than 6,500 counterfeit U.S. and Canadian IDs to over 4,500 buyers, generating roughly $785,000(Approx. ₹6.91 crore) in revenue. The findings, released in a detailed white paper, describe a sophisticated operation that blends realistic document production with covert shipping and global marketing.
FutureCrime Summit 2026: Registrations to Open Soon for India’s Biggest Cybercrime Conference
High-quality fakes, wide reach
CloudSEK’s STRIKE team found the network used 83 websites, social media adverts and tutorial videos to market driver’s licenses and Social Security-style cards that include scannable barcodes, holograms and UV markings. Nearly 60% of buyers were aged over 25; one buyer ordered 42 commercial driver licences connected to trucking firms with prior regulatory issues. Investigators warn the fake IDs can facilitate unauthorised driving, bank account verification bypasses, SIM swaps, account takeovers and access to age-restricted services.
Covert packaging and delivery tactics
To avoid interception, ForgeCraft shipped IDs hidden inside everyday items — purses, toys or layered carton packaging — via mainstream couriers such as FedEx and USPS. CloudSEK traced a shipment from Xiamen, Fujian to Canada and matched a tutorial video to a customer record, confirming fulfilment. Prices reportedly started at $65 each in bulk; payments flowed through PayPal, LianLian Pay and cryptocurrencies including Bitcoin and Ethereum.
National-security and financial risks
CloudSEK urged law enforcement to seize domains and for couriers to screen for covert packaging. Ibrahim Saify, a CloudSEK security analyst, said: “This demonstrates the critical importance of comprehensive threat intelligence across social media, the dark web and infrastructure channels.” He added that the operation’s scale poses clear national-security and financial-crime risks, from voter-fraud concerns to enabling cross-border money laundering.
What authorities should do next
The report — accompanied by tracking data and imagery — has been shared with North American authorities. CloudSEK recommends coordinated takedowns, stricter courier inspections and tighter payment-channel controls. The ForgeCraft case underscores how high-quality forgeries, online marketplaces and porous logistics combine to create a lucrative, hard-to-police global illicit trade.
