It might not come easy, it is probable that the attacker is using stolen personal identifications.
Yup, this is how they cover their tracks, and i have to say i have been stupid enough to give my kyc to some shady projects and i think it's just a matter of time until they are used in some sort of scam. Luckily for me so has so many else so they have ton if IDs to use before mine.