Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Fake news. Show all posts

The UK Erupts in Riots as Big Tech Stays Silent


 

For the past week, England and parts of Northern Ireland have been gripped by unrest, with communities experiencing heightened tensions and an extensive police presence. Social media platforms have played an unjust role in spreading information, some of it harmful, during this period of turmoil. Despite this, major technology companies have remained largely silent, refusing to address their role in the situation publicly.

Big Tech's Reluctance to Speak

Journalists at BBC News have been actively seeking responses from major tech firms regarding their actions during the unrest. However, these companies have not been forthcoming. With the exception of Telegram, which issued a brief statement, platforms like Meta, TikTok, Snapchat, and Signal have refrained from commenting on the matter.

Telegram's involvement became particularly concerning when a list containing the names and addresses of immigration lawyers was circulated on its platform. The Law Society of England and Wales expressed serious concerns, treating the list as a credible threat to its members. Although Telegram did not directly address the list, it did confirm that its moderators were monitoring the situation and removing content that incites violence, in line with the platform's terms of service.

Elon Musk's Twitter and the Spread of Misinformation

The platform formerly known as Twitter, now rebranded as X under Elon Musk's ownership, has also drawn massive attention. The site has been a hub for false claims, hate speech, and conspiracy theories during the unrest. Despite this, X has remained silent, offering no public statements. Musk, however, has been vocal on the platform, making controversial remarks that have only added fuel to the fire.

Musk's tweets have included inflammatory statements, such as predicting a civil war and questioning the UK's approach to protecting communities. His posts have sparked criticism from various quarters, including the UK Prime Minister's spokesperson. Musk even shared, and later deleted, an image promoting a conspiracy theory about detainment camps in the Falkland Islands, further underlining the platform's problematic role during this crisis.

Experts Weigh In on Big Tech's Silence

Industry experts believe that tech companies are deliberately staying silent to avoid getting embroiled in political controversies and regulatory challenges. Matt Navarra, a social media analyst, suggests that these firms hope public attention will shift away, allowing them to avoid accountability. Meanwhile, Adam Leon Smith of BCS, The Chartered Institute for IT, criticised the silence as "incredibly disrespectful" to the public.

Hanna Kahlert, a media analyst at Midia Research, offered a strategic perspective, arguing that companies might be cautious about making public statements that could later constrain their actions. These firms, she explained, prioritise activities that drive ad revenue, often at the expense of public safety and social responsibility.

What Does It Look Like?

As the UK grapples with the fallout from this unrest, there are growing calls for stronger regulation of social media platforms. The Online Safety Act, set to come into effect early next year, is expected to give the regulator Ofcom more powers to hold these companies accountable. However, some, including London Mayor Sadiq Khan, question whether the Act will be sufficient.

Prime Minister Rishi Sunak has acknowledged the need for a broader review of social media in light of recent events. Professor Lorna Woods, an expert in internet law, pointed out that while the new legislation might address some issues, it might not be comprehensive enough to tackle all forms of harmful content.

A recent YouGov poll revealed that two-thirds of the British public want social media firms to be more accountable. As big tech remains silent, it appears that the UK is on the cusp of regulatory changes that could reshape the future of social media in the country.


Bangladeshi Hacker Group Targets Multiple Indian News Agencies

 

An update regarding the cyberattack on Alt News has brought up cybersecurity news in Indian media once more. After focusing on Indian news agency ANI News for a few hours, the threat actor group "Mysterious Team Bangladesh" has now listed the well-known Indian fact-checking website "Alt News" as its latest victim. 

The hacktivist group claims that the purported ANI News and Alt News cyberattacks are a part of their ongoing OpIndia23 campaign against the Indian media for allegedly inciting hatred and false information. 

ANI News is a news organisation with its main office in New Delhi. Mohammed Zubair and Pratik Sinha, two former IT engineers, launched the fact-checking website Alt News, a non-profit organisation in India. 

Both organisations' websites were reachable at the time of writing. A number of cyberattacks on international targets included the claimed Alt News hack. 

Mysterious Team shared the hashtags "opindia23," "counterattack," and "OpTerrorismCountry" along with the Telegram message. The group has accounts on several social media networks and has 1,283 Telegram subscribers. 

The bio for the gang on its Twitter account, where they frequently discuss the specifics of their attacks and victims, reads, "We are cyber warriors of Bangladesh." 

Along with articles on hacking and cyberattacks, the group also publishes the names of other hackers. A name that came up was "_barbby," who according to his biography is a journalist and a human rights advocate. There were two hashtags on the profile: OpIsrael and FreePalestine.

In the bio of another hacker, YourAnonRiots, it was said, "Our mission is global peace." The profile's hashtag was HackThePlanet, which appears to be the case in light of the hacking attacks on numerous government and other organisation websites. Your Anon Story, MCA Ops, and Saudi Exile were the other hackers that had been identified.

In the past 24 hours, the Mysterious Team Bangladesh group has also listed TV7 Israel News, Uniurdu, an Urdu-language news website, and Univarta, a Hindi-language news website, as victims. Furthermore, the hacktivist group also targeted the website of The Press Trust of India.

Along with saying "Expect Us," the organisation also declared that it had attacked the Indian Computer Emergency Response Team. 

The Mysterious Team appears to be a sizable group made up of numerous hackers that use system weaknesses to get access. But nothing is known about their method of attack other than the fact that they effectively shut down the systems and publish screenshots of their hacks on their various social media platforms.

Be Wary Because Cybercriminals Are Getting More Ingenious

 

In the media, misinformation is regularly discussed, primarily in relation to politics and is often used interchangeably with fake news. Even though these are major problems, a greater and more direct threat is frequently disregarded: how cybercriminals utilise false information to steal from businesses and people. 

The dictionary defines disinformation as "false or inaccurate information, especially that which is deliberately intended to deceive." But when mixed with a lot of exact and genuine information, particularly information that only a select few are aware of, misinformation can be highly persuasive and deceitful. Criminals can use real information stolen through cyberattacks, along with a little bit of deception, to have a significant financial impact on both businesses and people. 

Using wire transfers for profit 

Most of us have heard of fraud schemes that target credit card information. Most of the time, erroneous credit card charges may be disputed or reversed, preventing you from eventually losing any money. However, there is a significant distinction with wire transfers: they are frequently immediate and irreversible. In other words, if a wire transfer is used, the money is lost, especially if the fraud is not found right away. This functionality has been used by cybercriminals in a number of ways. 

One example is when crooks get access to a company's computer systems and spend time reading emails and understanding internal procedures. The fraudsters discover who is authorised to provide wire transfer orders to the financial office and what the procedures are. They then pose as these officials one by one for several days, issuing wire transfer orders, some for more than $500,000, to the criminal's accounts. When one organisation the author spoke with realised this costly problem, protocols were put in place to require proof that such wire transfers were indeed requested by authorised individuals. This entailed connecting directly with the authorised individual over the phone and checking the transaction's details. 

Unfortunately, such sensible processes are frequently implemented only after a crime has already occurred. Wire fraud can cost individuals as well as organisations money. Executive home buyers are popular demographics. A critical step in most home buying transactions is the wire transfer of a substantial sum of money to a title or escrow company, which holds the funds until the title to the property is transferred to the new owner, and then — and only then — the escrow company transfers those funds to the home seller. 

Criminals take advantage of these circumstances by following a multi-step process. First, they gain access to the computer systems of the real estate agent, attorney, or title agent. They could spend weeks or even months researching impending closings, company procedures, and minutiae such as wire transfer instructions samples. Because last-minute issues can occur, property purchasers are frequently advised to make the wire transfer a day or two in advance. 

Since the title corporation generally gives the instructions one day ahead of time, cyber thieves will send the instructions two days ahead of time. Because they are based on the real instructions, these instructions look to be from the title firm, but the destination information has been changed. They have buried a small amount of false information among a large amount of accurate material. This method has been used to steal hundreds of millions of dollars in a single year. According to FBI data, more than 13,000 people were actually the victims of wire fraud in the real estate and rental industry in 2020, resulting in losses of more than $213 million, a 380% rise from 2017. 

After making numerous anxious calls, you finally learn that your money was taken, leaving you penniless and homeless. There are a number of actions that both individuals and businesses can take to lower the risk of cybercrime with wire transfers. Before sending money, you should always call the person who is supposed to receive it to confirm the wire transfer instructions. The criminals may have included a fake phone number in the instructions you received, so make sure you can confirm that you are actually speaking to the right person. To do this, always check the correct number in advance using an official website or by speaking directly to a known source who can confirm the correct information. 

A scenario where you sold your old house and utilised the proceeds, along with your savings, to purchase a newer, better house in a different city is possible. The day after you move into your new home, you might be halfway to the new city in your automobile when your real estate agent calls to inquire about the status of your down payment. 

Stealing paychecks 

Many businesses offer systems that enable employees to update and retain their personal data, including their home address, phone number, and banking information for direct deposit of their paychecks on a monthly basis. Some highly paid employees' accounts were compromised by criminals, who changed the bank information the day before the payment was scheduled to be made. So that nothing would be observed as being out of the ordinary, they updated the bank details back to normal the following day. They carried on with this plan for a few months before an executive realised the scheduled monthly payments had not reached his bank after receiving a notification of insufficient funds on a cheque. This shows how crucial it is to monitor your bank account frequently enough to spot odd or fraudulent behaviour, especially to make sure that expected deposits are being made. 

Boss scam 

The typical hoax, in which the CEO of the business requests that the CFO deliver money somewhere, is one that most of us have heard of. You could think that since you aren't a CEO, these frauds don't apply to you, but that isn't the case. One variation of this scam, which is particularly prevalent on college campuses, involves staff members receiving what looks to be an email from a higher ups, usually the department head. One example of a narrative presented to a staff person is, "I just realised that I am going to my nephew's birthday party tonight and I'm in meetings all day, so I won't have time to get a gift. 

Could you please do me the courtesy of purchasing a $100 gift card and emailing me the numbers on the back? One victim bemoaned, "It was not just coming from one of my colleagues; it came in the name of my department chair." Eight out of ten faculty members in one department fell for the con, according to a story I've heard. It is crucial to confirm once more that your supervisor is the true sender of the communication. 

Bottom line

All of this is to say that while fake news and other forms of disinformation are a problem, having a lot of reliable data combined with even a small amount of misinformation can have catastrophic results. These are but a few current instances. As mentioned, there are steps that can be taken to prevent such crimes, or at the very least significantly lower their frequency, but they must be implemented before the crime occurs. 

However, keep in mind that cybercriminals are extraordinarily inventive and frequently equipped with a wealth of personal data. It is crucial to stay informed about new schemes, to exercise caution, and to build your defences because more dangerous plots could be on our way.

Hacked Ukrainian Radio Stations Propagates Misinformation Regarding President Zelensky’s Health

 

The hackers targeted Ukrainian radio operator TAVR Media on Thursday to spread fake news that Ukrainian President Volodymyr Zelensky was hospitalized and is in a critical condition. 

Anonymous attackers broadcasted reports that the Ukrainian President was in an intensive care ward and that his duties were being temporarily performed by the Chairman of the Ukrainian parliament Ruslan Stefanchuk, the State Service of Special Communications and Information Protection of Ukraine (SSSCIP) stated. 

"Cybercriminals spread information that the President of Ukraine, Volodymyr Zelenskyy, is allegedly in intensive care, and his duties are performed by the Chairman of the Verkhovna Rada, Ruslan Stefanchuk," the SSSCIP said in an update. 

The Kyiv-based holding firm is one of Ukraine’s largest broadcasters and manages nine major radio stations, including Hit FM, Radio ROKS, KISS FM, Radio RELAX, Melody FM, Nashe Radio, Radio JAZZ, Classic Radio, and Radio Bayraktar. 

TavrMedia wrote on Facebook that it is working “to solve the problem,” but did not provide additional details. The company also emphasized that "no information about the health problems of the President of Ukraine Volodymyr Zelenskyy is true." 

The false reports, which were broadcasted during prime time, between 12 and 2 p.m., also forced Zelenskyy to take to Instagram, stating, "I have never felt as healthy as I do now." 

It remains unclear how the hackers breached TAVR Media. Multiple hackers from across the globe have tried to capitalize on the ongoing conflict between Russia and Ukraine to launch a barrage of cyberattacks. 

In a related development, the Computer Emergency Response Team of Ukraine (CERT-UA) also issued a warning regarding macro-laden PowerPoint documents being leveraged to deploy Agent Tesla malware targeting state organizations of Ukraine. 

This is not the first instance that hackers have targeted Ukrainian media. According to Cloudflare, online media, publishing, and broadcasting firms were targeted by more distributed denial-of-service attacks (DDoS) in the second quarter of 2022 than in any other industry. 

Earlier this year in June, the malicious actors also targeted the Ukrainian streaming service Oll.tv and replaced the broadcast of a football match between Ukraine and Wales with Russian propaganda. In February, Ukraine’s national public broadcaster suffered a DDoS attack, according to its general producer Dmytro Khorkin.

According to Arkose Labs, the Bots Target Financial Organizations

 

Children as young as five use internet channels for a variety of activities, so it isn't just adults who are essentially living online. The epidemic hastened the adoption of the internet by children for online lessons, entertainment, and socializing.

In the preface to a company's study paper, 2022 State of Fraud & Account Security Report, Kevin Gosschalk, founder and CEO of Arkose Labs, writes, "A familiar term heard in the last few years is 'data is the new oil." "Data is the precious resource who feeds the digital world, which today permeates so much of our daily lives. Work, socializing, education, and a variety of other activities all take place primarily in the digital realm."

Bloomberg Intelligence estimates the online "metaverse" might be worth $800 billion by 2024, according to the cybersecurity firm. "Fraudsters will have an immensely broader attack surface to target as a result of this." Threat actors can corrupt smart appliances, connected autos, and virtual reality gadgets in addition to PCs and mobile devices." 

According to the Arkose research, fraud assaults on financial institutions are increasing in frequency "as well as sophistication." Internet fraud has increased by 85 percent in recent months, and much more than a fifth of all internet traffic is a cyberattack. Not only fraudsters, but Master Fraudsters - the worst type of fraudster – are coming after gaming, internet streaming, and social media sites with all guns blazing. These are the most prominent and, as a result, the most harmful internet pastimes for youngsters. 

Although children are more comfortable with the internet and can navigate it like a pro, but are not always aware of the dangers which lurk there. They might not be able to spot situations where cybercrooks are attempting to take advantage of human gullibility. 

The Arkose Labs analysis also highlighted an 85 percent increase in login or registration stage attacks year over year. "Once an existing account has been hijacked, attackers can monetize it in a variety of ways," according to Gosschalk, "including stealing bank information, reselling credentials, redeeming collected loyalty points, and more." "Fake new accounts are employed in assaults like stock hoarding, content harvesting, and spam and phishing messaging," says the report.

Indeed, according to the Arkose Labs analysis, the average individual now has over 100 passwords. Abuse of financial information and credentials drove an 85 percent increase in login and registration invasions last year compared to 2020. 

The Arkose Labs analysis indicated such automated services assist in targeting more enterprises: bots utilizing "scraping" assaults helped compromise at least 45 percent of the traffic on travel sites. Meanwhile, phishing, fraud, and the promise of a free trial were used to increase the number of bogus accounts last year compared to 2020. Financial firms and financial institutions have been major targets for attacks.

Report: Telegram's New Battleground for Cybercriminals Amid Russia-Ukraine War

 

Telegram messenger has become increasingly crucial in the ongoing crisis between Russia and Ukraine, since it is widely used by both hackers and cybercriminals. 

According to a survey by cybersecurity firm Check Point, the number of Telegram groups has surged sixfold since February 24, and some of them, dedicated to certain issues, have grown in size, with over 250,000 members in some cases.

The following three categories are the most popular ones that have exploded in popularity as a direct result of Russia's invasion of Ukraine: 
• Various "news feeds" that claim to provide credible reports from Ukraine 
• Volunteering hackers that engage in DDoS and other types of assaults against Russian organisations 
• Fundraising groups that collect cryptocurrency donations reportedly for Ukrainian support 

The "IT Army of Ukraine," which presently has 270,000 members, stands out among those who lead the anti-Russia cyber-warfare activities. Ukraine's IT Army was formed by cyber-specialists in the country, and the results of its operations were evident rapidly. 

Apart from launching DDoS attacks against important Russian websites, the group also publishes the personal information of Russian decision-makers and other key players in the conflict. The majority of Telegram groups that claim to be "donation support" are scammers that take advantage of the circumstance to steal people's money. 

Similar operations based on phishing emails have been reported, but the same thing is happening on Telegram as well, with some of these groups having up to 20,000 members. 

Unverified news

News streams that bypass mainstream outlets and publish unedited, uncensored feeds from the battle zone 24/7, are the third category that is rising. Apart from the fact that exposing unedited battle scenes is against journalistic ethics, many of the stories shared on these sites are unchecked or unverified, and might easily be made up. 

As geopolitical expert Michael Horowitz revealed while sharing footage of a realistic-looking computer-generated air dogfight based on a video game engine, this is a concern even for approved social media platforms.

According to Check Point, these channels continue to attract a high number of users. 'Ukraine War Report,' for example, has 20,000 members, while 'Russia vs. Ukraine Live News,' has 110,000. 'Ukrainian Witness' (видетел крaин), another news programme dedicated to exposing Russian war crimes, has achieved 100,000 subscribers. The goal of groups that actively propagate false material on Telegram channels is to demoralise the opponent, with the hope that the content would be shared on other platforms as well. While some of these channels may provide genuine information, it's practically impossible for users to tell the difference between true and fake news. 

To protect from fraud and cyber-crime when using Telegram, the researchers advised users to be cautious of the information they share on the network. Users should avoid clicking on links with unknown origins, to be wary of strange requests, and to avoid donating money to unknown sources.

Google TAG Takes Down Coordinated Influence Operation Spreading Fake Information

 

Google's Threat Analysis Group (TAG) in its latest published bulletin, provides an outline of the entire “coordinated influence operation” that its staff tracked in January 2022 involving multiple countries. 
 
According to Google TAG, four YouTube channels, two AdSense accounts, 1 Blogger blog, and 6 domains – used to generate revenue by displaying advertisements – were wiped out in coordinated influence operations linked to Belarus, Moldova, and Ukraine. The campaign "was sharing content in English that was about a variety of topics including US and European current events," threat analysts explained.   

To mitigate the spread of misinformation, Google TAG terminated 3 YouTube channels responsible for uploading content in Arabic that was critical of former Sudanese president Omar al-Bashir and supportive of the 2019 Sudanese coup d’état.   
 
Additionally, Google TAG also handled a relatively large "influence operation linked to China." Earlier this year in January, threat analysts terminated 4,361 YouTube channels for spreading Chinese spam content. However, some channels uploaded content in both English and Chinese languages concerning China and US foreign events.   
 
“We terminated 4361 YouTube channels as part of our ongoing investigation into coordinated influence operations linked to China. These channels mostly uploaded spammy content in Chinese about music, entertainment, and lifestyle. A very small subset uploaded content in Chinese and English about China and U.S. foreign affairs. These findings are consistent with our previous reports,” says Google. 
 
Furthermore, Google TAG has banned YouTube channels, AdSense accounts, and Play developer accounts belonging to influence campaigns linked to Iraq, Turkey, and Libya's politics and current affairs.   
 
As the Russian-Ukraine conflict continues to escalate, Google has strengthened the safety measures for those in the region considered to be at higher risk of cyber assaults or attempted account compromise. This includes enabling two-factor authentication (2FA) and promoting the Advanced Protection Program.   
 
"Threat intel teams continue to look out for and disrupt disinfo campaigns, hacking, and financially motivated abuse, and are working with other companies and relevant government bodies to address these threats.,” Google said on Twitter.  
 
Last year, Google TAG blocked 3 YouTube channels used by Iranian attackers to publish content in Bosnian and Arabic condemning the actions of the U.S. and the People’s Mujahedin Organization of Iran (PMOI), a militant organization fighting against the official Iranian government.

Misinformation is a Hazard to Cyber Security

 

Most cybersecurity leaders recognize the usefulness of data, but data is merely information. What if the information you've been given is actually false? Or it is deception? What methods does your cybersecurity program use to determine what is real and what isn't?

Ian Hill, Global Director of Cyber Security with Royal BAM Group defined misinformation as "inaccurate or purposely misleading information." This might be anything from misinformation to deceptive advertising to satire carried too far. So, while disinformation isn't meant to be destructive, it can cause harm. 

The ideas, tactics, and actions used in cybersecurity and misinformation attacks are very similar. Misinformation takes advantage of our cognitive biases and logical fallacies, whereas cyberattacks target computer systems. Information that has been distorted, miscontextualized, misappropriated, deep fakes, and cheap fakes are all used in misinformation attacks. To wreak even more harm, nefarious individuals combine both attacks. 

Misinformation has the potential to be more damaging than viruses, worms, and other malware. Individuals, governments, society, and corporations can all be harmed by misinformation operations to deceive and damage people. 

The attention economy and advertisement-centric business models to launch a sophisticated misinformation campaign that floods the information channels the truth at unprecedented speed and scale. Understanding the agent, message, and interpreter of a specific case of information disorder is critical for organizations to stop it. Find out who's behind it — the "agent" — and what the message is that's being sent. Understanding the attack's target audience — the interpreter — is just as critical.

Misconceptions and deceptions from basic phishing scams, cyberattacks have progressed. Misinformation and disinformation are cybersecurity risks for four reasons, according to Disinfo. EU. They're known as the 4Ts:

  •  Terrain, or the infrastructure that disseminates falsehoods 
  •  Misinformation tactics, or how the misinformation is disseminated
  •  The intended victims of the misinformation that leads to cyberattacks, known as targets.
  •  Temptations, or the financial motivations for disseminating false information in cyberattacks.
 
Employees who are educated on how threat actors, ranging from an amateur hacker to a nation-state criminal, spread false information will be less likely to fall for false narratives and harmful untruths. It is now up to cybersecurity to distinguish between the true and the fraudulent.

Facebook Shuts Down Fake Accounts Associated With Russia and French Military

Earlier this week, in a press conference, Facebook closed two misinformation networks related to Russia, one of which was associated with the French military. Facebook has accused these accounts of orchestrating interference campaigns in African regions. Two networks using multiple FB accounts were given to users associated with the Russian Internet Research Agency. In contrast, the third account had links to persons related to the French military, says Facebook. 

Facebook has closed all three accounts for violating the policy of foreign or government interference. These networks, according to Facebook, attacked targets in North Africa and Middle East countries. As of now, the French military has offered no comments on Facebook's allegations. The campaigns battled with each other, said Nathaniel Gleicher, Facebook's head of security policy, and David Agranovich, head of global threat disruption in a blog. 

It is the first time that Facebook found two campaigns (from France and Russia) fighting with each other, commenting on each other's accounts, claiming it is fake. These accounts used fake accounts as a central part of their operations to mislead people about who they are and what they are doing, and that was the basis for our action, says Facebook. One sample post read, "The Russian imperialists are a gangrene on Mali!" The French network accounts mainly targeted Mali and the Central African Republic. Other targets include Cote d'Ivoire, Chad, Algeria, Niger, and Burkina Faso. It involved 84 FB accounts, six pages, nine groups, and fourteen Instagram accounts that infringed a policy facing "coordinated inauthentic practice." 

In French and Arabic, some of the posts were about France's Francophone Africa systems, allegations of Russian meddling in CAR elections, supportive comments about the French military, and Russia's criticism. According to Gleicher and Agranovich, "we shared information about our findings with law enforcement and industry partners. We are making progress rooting out this abuse, but as we've said before, it's an ongoing effort, and we're committed to continually improving to stay ahead." As of now, the investigation is ongoing, and no further detail has been offered.

A Brief Summary of The Potential Threats Revealed in Black Hat 2020 Conference


Cybersecurity experts had a lot to say about possible cybersecurity threats in the USA Black Hat Conference.




Main Highlights

US Presidential Elections
As the US awaits its presidential elections, cybersecurity has become a significant issue. In the conference, experts came out with various solutions to election-related cybersecurity threats that might arise during the campaigning and offered new ideas to strengthen the infrastructure.

Exploits and Vulnerabilities 
Cybersecurity expert Matt Vixey presented research on cybersecurity exploits. The main idea is that cyberattacks can only be prevented if there's a proper system involved; in other words, a plan-of-action. Here, the 'Human factor' risk is involved, and the hackers attack it.

DNS Attacks 
In recent times, DNS encryptions and its security have come into question. Hackers have come with a new way to breach the encryption; the technique is known as DOH (DNS-over-HTTPS). The key speaker for the topic was Mr. Eldridge Alexander, Cisco's Duo Labs, Security Research, and Development manager.

Cyberthreats and COVID-19 
The COVID-19 pandemic saw a surge in cybersecurity threats. With people working from home, hackers saw new targets that were easy to attack. Keeping this particular issue in mind, Shyam Sundar Ramaswami presented several ways to identify pandemic based malware or malspam, including a rapid statics analysis approach.

A world without passwords 
Imagine a world with no passwords, a world where all the systems are integrated with a unique authorization model. Wolfgang Goerlich and Chris Demundo presented their 'Zero Trust' theory, where systems would not need to require passwords, making a secure cyber world.

Possible Threats

  • Influence Campaigns- Misuse of social media platforms to disseminate fake news and misinformation has become a critical problem, especially during the election campaigns. 
  • According to James Pevur, satellite communications are open to surveillance and monitoring. Hackers can easily bug communication using a few sophisticated gadgets. 
  • Botnets- Hackers can use high watt devices and turn them into Botnets, attacking energy campaigns. 
  • Experts say that open source tools can be used by hackers to create fake websites or channels that look the same as the original. It can allow the influence of public opinion.

Meghan Markle and Prince Harry's Names Used for Fake Celebrity Endorsement of Bitcoins?


While the Coronavirus pandemic has practically driven people to stay locked up in their homes and spend a lot more (in some cases almost all) of their time online, the possibilities for cyber-criminals have only flourished.

Cyber-security experts have realized this and made a note out of it that everyone knows the kind of danger is lurking in their cyber-world.

From elaborate scams to phishing attacks that target the victim’s personal information, there is a lot of people who need to be cautious about it.

The Cryptocurrency industry is going through a lot due to the current crisis the world is in. The 'crypto-partakers" are being particularly on the hit list with something as attention-grabbing as purportedly “celebrity endorsement”. The latest bait names for this attempt happen to be that of charming Meghan Markle and Prince Harry.

Well-known personalities’ names like Bill Gates, Lord Sugar and even Richard Branson have been misused to lure people in as a part of similar scams. It is not necessary for the people mentioned to belong to a particular industry. They could be anyone famous for that matter.

The scams are so elaborate that once fooled the victims can’t even trace the mal-agent and. The latest scam, per sources, employs a fake report from the “BBC” mentioning how Prince Harry and Meghan Markle found themselves a “wealth loophole”.
Per sources, they also assure their targets that in a matter of three to four months they could convert them into millionaires. Further on, allegedly, it is also mentioned that the royals think of the Cryptocurrency auto-trading as the “Bitcoin Evolution”. It reportedly also includes a fake statement to have been made by Prince Harry.

The overconfident scammers also declare that there is no other application that performs the trading with the accuracy like theirs. Reportedly, on their website, there are banners with “countdowns” forcing people to think that there are limited period offers.

According to researchers this is one of the many schemes desperate cyber-criminals resort to. People not as used to the Cryptocurrency industry and the trading area, in particular, are more vulnerable to such highly bogus scams and tricks that the cyber-criminals usually have up their sleeves.

WhatsApp's Latest Feature will Let Users Verify Forwarded Messages on Google


Owing to the lockdown due to the outbreak of the global pandemic Covid-19, people are once again resorting to their go-to messaging app – WhatsApp to spread misinformation in the name of information. Notably, WhatsApp has continued to be the most favorite platform for the circulation of fake news which also caused a number of untoward incidents in India.

It's mainly because of the rampant forwarding of messages created to promote individuals' or organizations' vested interests. While, public fear, unawareness, and lack of knowledge have a huge role to play in the equation of fake news and the consequences it had on the society, WhatsApp has constantly stood up to the issue and ensured to eliminate the flaws in its software.

The app has a massive reach across the globe with more than 2 billion active users and in an attempt to curb this circulation of misinformation, WhatsApp is reportedly working on a new feature that would allow users to verify the forwarded messages, helping them separate authenticated news from the fake ones.

As per sources, the tool will appear as a magnifying glass icon placed beside the forwarded messages on a user's WhatsApp, when the user will tap on the icon, a pop-up will appear asking him if he would like to search the message on the web, it will enable the user to directly upload the forwarded message on Google and verify the authenticity of the news.

“We are working on new features to help empower users to find out more information about the messages they receive that have been forwarded many times. This featuring is currently in testing, and we look forward to rolling it out in the near future.” WhatsApp told.

In a previous update, WhatsApp introduced a 'forwarded' label at the top of forwarded texts to make identification easier for the users.

The new feature by WhatsApp has already been sent out for testing and will be made available shortly for all the Android users and subsequently for the iOS users.

Is WhatsApp the new Coronavirus of Facebook?


The health officials and government authorities are trying their best to inform the public about the safety precautions amid the Coronavirus epidemic. But these health initiatives taken by the government and medical experts are constantly being threatened by one of the largest social media messaging platform. These messaging platforms are steadily spreading misinformation and fake remedies about the Coronavirus. Facebook-owned messaging platform WhatsApp has received harsh criticisms over its handling of the Coronavirus situation because of the spreading of fake news and misinformation using WhatsApp about the Coronavirus epidemic, which has caused more than 8000 death and affected more than 2,00,000 people across the globe.


WhatsApp users send messages that most of the time are inaccurate and lack any legitimacy, say the medical experts. The problem has now become so troublesome that global health organizations and world leaders have asked people to stop forwarding and sharing unverified claims about Coronavirus and its cures using WhatsApp. Irish president Leo Varadkar on twitter asked the people to avoid sharing unverified news in WhatsApp groups. According to him, the WhatsApp messages are frightening and ambiguous. People should only trust official information from health and government sectors, he says.

The misinformation shared on WhatsApp mostly comes from forwarded messages by a friend of a friend or supposedly a doctor. Not all messages are incorrect, for instance, washing your hand to stay safe. One of the most circulated false claims on WhatsApp is 'drinking warm water every 15 minutes will prevent you from Coronavirus.' Because WhatsApp messages have end-to-end encryption, health officials and the government can't trace the source of misinformation. Even WhatsApp can't trace the source of messages.

"It is clear ... that a lot of false information continues to appear in the public sphere. In particular, we need to understand better the risks related to communication on end-to-end encryption services," said Vice President Věra Jourová, Europen Commission, on Tuesday. He also surveys the alliance's work to stop misinformation. "There are over a dozen [local fact checkers] so far, and we want more to be able to do their important work so rumors are identified and countered," said Will Cathcart, the head of WhatsApp, on Wednesday in a tweet.

Beware of Fake Videos on Facebook and WhatsApp!


Beware! People who have blind faith in the internet and tend to believe almost anything that they view or come across online, for there has surfaced a new medium for fearless dissemination of misinformation.

Fake news and modified pictures have already been wreaking havoc on social media and real lives of people for quite a long time now; leading to serious after-effects and reactions. Mob lynching, hate speeches and violent masses are few of the many upshots of such news and pictures.

At a time when the county was freshly getting used to fighting fake news and misinformation, a leading player joined the race, which goes by the name of “deepfake”.

Deppfake videos employ artificial intelligence to alter fake videos in such a way that they seem real to viewers. These videos are crafted with such ability that it becomes difficult for people to identify any possible lacunae.

These videos are so absolutely deceitful that the common person viewing them can’t remotely recognize or realize if, then what is wrong with them.

In latest times, the concept of morphed images is not new and hence people started to rely more on videos. But with deepfake, altering videos is possible too. In fact the operator could even manipulate actions and what is being said in the video.


Like every other fad that social media and its users accept with open arms, deepfake videos have a strong probability of making significant trouble on platforms like WhatsApp and Facebook to name a few.

Another issue with these videos is the resolution they are available in. Most videos that are found on Facebook or WhatsApp are quite low on quality and hence it becomes all the more challenging to identify their bogusness.

These days political or any other kind of speeches of influential personalities are circulated generously across all of social media. With threat actors like deepfake videos, the ordinary speeches could be malformed to enflame the masses.

Sources mention that genuine looking fake porn videos could also be circulated online via deepfake. Especially the porn clips that are recorded through spy cameras can be effortlessly manipulated into any sort of personal or professional hazard.

The extremely effective notion of targeted adverting refers to placing information according to the needs of the audience. Deepfake videos open new avenues for negative targeted advertising and people who are looking forward to creating unrest in otherwise peaceful situations.

These videos are outstandingly dangerous because along with being imperceptible as fake they also hold the capacity to instigate populaces for a cause that may not even exist.


'Yes Bank' registers a complaint against fake news, alleging it of frightening investors


Yes, Bank filed a police complaint against fake news stating that misinformation was posted on social media concerning the bank's finance. The complaint was filed at Mumbai Police's Cyber cell when the investors withdrew their shares, and the capitals at the stock market hit a downfall. The bank's police complaint says that the fake news was scaring away its investors and depositors.



The rise of mobile internet in India has resulted in social tremors, with users falling prey to false information. Due to the lack of digital literacy, people are easily exposed to Fake News.

One of the biggest reasons is that fake news is usually engaging, and frightening which drives people to share them in a flash. It intends to create chaos among the general public. For a few days, some perpetrators are circulating fake news and ill-disposed falsehoods about Yes Bank on social networking sites and WhatsApp to generate fright among the bank's clients. The information seeks to present the bank in bad standing and is aimed to defame the bank's image among its clients, shareholders, and society.

"Yes Bank filed a charge by Mumbai Police and Cyber Cell on the propagation of fake news and advertising of lies about the bank's economic status on different social media platforms such as WhatsApp," said the bank in its report. The bank also asked the authorities to establish a committee of specialists to look over the issue of rumor-mongering and find the convict guilty of spreading fake news over social media platforms, they also requested the experts to find the origin of the fake news.

The bank requests its stakeholders and investors to be aware of false information. 'We assure our client that Yes Bank's financial standing is safe and reliable and would continue to be the same for a long time,' it says. It is no doubt that since the last few years, fake news has become a threat to Indian democracy and the people of India. Misinformation that is aggressively spread or shared through social media platforms causes chaos and distress among the public.

Postcard and Indiatimes in a List of ‘Fake News’ Websites?


A US-based non-profit journalism school, Poynter Institute for Media Studies, compiled a list of more than 500 websites "spreading false or misleading information" which shockingly featured two well-known Indian news websites, Postcard News and Indiatimes.

Apart from these two, there was also the mention of Indian news website Firstpost, at first but when the portal in question took to twitter to unequivocally protest its inclusion in the list, making accusations against the Poynter survey for "flippantly" overlooking "the daily journalism that Firspost [sic] hosts… the reputation it has gathered for equipoise”.

The list was thusly updated to remove Firstpost alongside a US-based media house. The survey being referred to was led by the International Fact-Checking Network at Poynter Institute for Media Studies and the subsequent list of 513 websites 'believed' to have been related with unreliable news was released in a report called "UnNews: An index of unreliable news websites”.

Barrett Golding, who led the whole project, said on the website that the index was made based on lists that were “public and curated by established journalists or academics”, “contained original data” and expressed their criteria for inclusion, and characterized how they reviewed the various sites.

As of now when the two Indian news websites have been labeled "unreliable", India is yet to concoct a specific law to handle such counterfeit news or misinformation on websites as online media.

However, the Government doing the best it can, has appointed a committee under the Prime Minister's Office (PMO) the previous year to study more about the difficulties and challenges in online media, like fake news and malignant content, and concoct a strong structure to tackle them once and for all.

US: Fake News and Hike in Malicious Campaigns



'The internet is stacked with fake news sites in the present times,' says the research of Domain Tools, a security analyst company. The company scrutinized some top news sites of the U.S and examined their vulnerability to URL hacking and false domains. The false URLs may advertise misinformation and harmful malware, according to study. “As skepticism of traditional media continues to rise, defending the society from fake news attacks has grown relevant to the constitutional process,” says Corin Imai, a security advisor of DomainTools.

The fake news in recent times has attacked the credibility of news and raised questions concerning professional journalism. In present times, the media coverage is full of falsehoods and misinformation. The majority of the mainstream news sites can be held responsible for spreading fake news among the general public.

Why should one pay attention to fake news sites? 

'It’s no mystery that since recent times fake news campaigns are on a hike,' says Imai. 'The research shows that various top news websites' domain names have been tricked, and are vulnerable to URL hacking.' Honesty and assurance are the pillars of splendid consumer aid expertise. The study by Domain Tools reveals how wicked users do clever tricks like typosquatting and replicating domains as methods to wind up fake news campaigns.

Typosquatting, also called URL hijacking, is a technique that clings on internet users who accidentally type a wrong domain while searching for a news site on a browser. Whereas, spoofing is when a trickster acts as a genuine publisher of a news site. These unlawful actions can result in unauthorized stealing of user data, circulate fake news via spoofing news sites and, download dangerous malware into the user's system.

How to identify misinformation campaigns and stay safe from fake news sites- 

Fake news sites often benefit from user's browsing pace by hogging on their favored source of information. This can lead to data theft or vulnerability to fake news and malware.
Steps to avoid fake news-

• Beware of suspicious or doubtful domain names. Always pay attention to whether the web search is correct.
• Bookmark your preferred news site. This benefit in avoiding typos while searching for a news site.
• Visit the news website directly; avoid clicking on links that lead to news or information.
• Be digitally literate. Stay up to date with the latest trends and technologies happening over the internet.

By following these basic precautions, one can be safe from the risk of fake news.

Automated accounts sharing fake news ahead of French polls: Experts

French voters are being deluged with false stories on social media ahead of the country’s presidential election, though the onslaught of “junk news” is not as severe as that during last year’s U.S. presidential campaign, according to a study by Oxford University researchers.

A man looks at campaign posters of the 11th candidates who run in the 2017 French presidential election in Enghien-les-Bains, near Paris, France April 19, 2017. REUTERS/Christian Hartmann.

The study to be published Friday and another published on Wednesday add evidence to complaints by officials in France, Germany and the United States that Russia is trying to replicate its cyber-powered election meddling in American politics.

Just days before France votes in the first round of a presidential election, the study said misinformation at times has accounted for one-quarter of the political links shared on Twitter in France. It defined “junk news” as deliberately false stories and those expressing “ideologically extreme, hyper-partisan or conspiratorial” views with logical flaws and opinions passed along as facts.

“French voters are sharing better quality information than what many U.S. voters shared and almost as much quality news and information as German users share,” according to the study by the Oxford Internet Institute, which will be published on Friday but was made available on Thursday to Reuters.

The French study uses data from a recent week on Twitter but a greater role is being played by Facebook, said Kevin Limonier of the University of Paris VIII, who is studying social media manipulation in the election with a grant from the French government.

Facebook recently suspended 30,000 suspected automated accounts in France. Although it characterized the cleanup as an objective move against spamming, many of the profiles were distributing politically driven misinformation and propaganda.

On Twitter, where automated accounts are allowed, many of the same accounts that promoted Republican Donald Trump in the U.S. campaign last year have turned their attention to pushing conspiracy theories and far-right viewpoints, according to Limonier and Clinton Watts, a former FBI agent and now a senior fellow at the George Washington University Center for Cyber and Homeland Security.

WhatsApp launches fact-check service ahead of General Elections in India





WhatsApp on Tuesday launched a new service called Checkpoint Tipline, for Indians to combat the fake news ahead of General elections beginning this month. 

The Facebook-owned company was working with a local startup PROTO, which aimed at creating a database of false, misleading or disputed. 

The initiative is funded by the WhatsApp to study misinformation spread ahead of the upcoming elections for Checkpoint

The company has set up a verification centre, which would verify posts that are in the form of pictures, video links or text. This center will cover four regional languages - Hindi, Telugu, Bengali and Malayalam, apart from English. 

"The goal of this project is to study the misinformation phenomenon at scale," Proto's founders Ritvvij Parrikh and Nasr ul Hadi said in a statement. "As more data flows in, we will be able to identify the most susceptible or affected issues, locations, languages, regions and more."

In a statement released by the WhatsApp said the start up Proto would be helped by two other organisations who have prior experience working on misinformation-related projects.

"The challenge of viral misinformation requires more collaborative efforts and cannot be solved by any one organisation alone," WhatsApp said.





Indian students create an app for detecting fake news





A team of Indian students from Indraprastha Institute of Information Technology (IIIT), Delhi has developed an app WhatsFarzi for verifying a piece of fake news by using a custom logarithm.

The app is capable of scanning all the internet content, authenticate the images that could have been tampered.  “One of my students started researching on the rapid spread of fake content on Twitter and Facebook, which inspired him to develop a Google Chrome browser extension for both the platforms.

The continuous research by the team gradually gave birth to WhatsFarzi, which is now helping the vexed Indians to fight back such terrors”, said Ponnurangam Kumaraguru, associate professor at IIIT-Delhi.

WhatsFarzi is the concept of three students studying B.Tech computer science at the IIIT Delhi. The team includes  Madhur Tandon (22), Suryatej Reddy Vyalla (20) and Dhruv Kuchhal (23).

Suryatej Reddy, a third-year student, said, “We use a knowledge graph to extract relevant information from people, organizations, locations, and products available on the internet, update this graph with credible news and store it in a secured database. We follow this process to verify textual claims.”