Cybersecurity experts have warned that ordinary "selfies," and especially those in which we make the victory sign (V), could give hackers everything they need to break into our digital accounts.
This is because, by using artificial intelligence tools, criminals are now able to isolate biometric data, such as fingerprints, from a single clear image, and then use it to access fingerprint-protected accounts, from banking apps to emails.
This warning came after Chinese cybersecurity expert Li Zhang revealed during a reality TV show how she managed to steal a celebrity's fingerprints from a selfie in which he was raising his index and middle fingers in a victory sign.
Zhang proved that fingerprint details can be extracted from images taken from a distance of up to one and a half meters, and that up to half of these details can be recovered from images at a distance of three meters, after enhancing the image using editing software and artificial intelligence to reveal the fine lines of the fingerprint, theoretically allowing for the cloning of fingers and the hacking of devices.
The risk increases when the images are clear, well lit, and taken from the front so that the hands are clearly visible, and also when images from multiple angles are available that help hackers reconstruct a complete fingerprint.
Fortunately, experts explain that these attacks are not currently directed at the general public, but rather primarily target high-value assets, as they require a very high-resolution image with fingers pointed directly at the camera in ideal lighting, while factors such as poor lighting, movement, or unsuitable angles make data theft more difficult.
However, Chang advises users to blur, obscure, or smooth their hands in photos before posting them online.
The danger is not limited to social media images only, but there is evidence of real attacks of this kind. In 2014, a German hacker was able to copy the fingerprint of Ursula von der Leyen (currently President of the European Commission) using images from a press conference. Last July in China, hackers tried to unlock the smart lock of a man’s house after he posted a picture in which his fingerprints were clearly visible, but they were stopped before they succeeded.
But the greatest danger lies in a recent and surprising trend: social media users voluntarily uploading high-resolution images of their hands to AI tools for "digital palm reading" and fortune-telling, a trend that has spread on TikTok. Jake Moore, global cybersecurity consultant at ESET, warns that uploading images to chatbots like ChatGPT transmits very complete and accurate information, allowing large companies like OpenAI to capture, store, and potentially share this biometric data in the future. Experts describe this as a "security nightmare" that is even more dangerous than posting the images on regular social media.
