Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Fake news. Show all posts
Technology
Big Tech Fake news Meta Misinformation Social Media Technology

The UK Erupts in Riots as Big Tech Stays Silent


 

For the past week, England and parts of Northern Ireland have been gripped by unrest, with communities experiencing heightened tensions and an extensive police presence. Social media platforms have played an unjust role in spreading information, some of it harmful, during this period of turmoil. Despite this, major technology companies have remained largely silent, refusing to address their role in the situation publicly.

Big Tech's Reluctance to Speak

Journalists at BBC News have been actively seeking responses from major tech firms regarding their actions during the unrest. However, these companies have not been forthcoming. With the exception of Telegram, which issued a brief statement, platforms like Meta, TikTok, Snapchat, and Signal have refrained from commenting on the matter.

Telegram's involvement became particularly concerning when a list containing the names and addresses of immigration lawyers was circulated on its platform. The Law Society of England and Wales expressed serious concerns, treating the list as a credible threat to its members. Although Telegram did not directly address the list, it did confirm that its moderators were monitoring the situation and removing content that incites violence, in line with the platform's terms of service.

Elon Musk's Twitter and the Spread of Misinformation

The platform formerly known as Twitter, now rebranded as X under Elon Musk's ownership, has also drawn massive attention. The site has been a hub for false claims, hate speech, and conspiracy theories during the unrest. Despite this, X has remained silent, offering no public statements. Musk, however, has been vocal on the platform, making controversial remarks that have only added fuel to the fire.

Musk's tweets have included inflammatory statements, such as predicting a civil war and questioning the UK's approach to protecting communities. His posts have sparked criticism from various quarters, including the UK Prime Minister's spokesperson. Musk even shared, and later deleted, an image promoting a conspiracy theory about detainment camps in the Falkland Islands, further underlining the platform's problematic role during this crisis.

Experts Weigh In on Big Tech's Silence

Industry experts believe that tech companies are deliberately staying silent to avoid getting embroiled in political controversies and regulatory challenges. Matt Navarra, a social media analyst, suggests that these firms hope public attention will shift away, allowing them to avoid accountability. Meanwhile, Adam Leon Smith of BCS, The Chartered Institute for IT, criticised the silence as "incredibly disrespectful" to the public.

Hanna Kahlert, a media analyst at Midia Research, offered a strategic perspective, arguing that companies might be cautious about making public statements that could later constrain their actions. These firms, she explained, prioritise activities that drive ad revenue, often at the expense of public safety and social responsibility.

What Does It Look Like?

As the UK grapples with the fallout from this unrest, there are growing calls for stronger regulation of social media platforms. The Online Safety Act, set to come into effect early next year, is expected to give the regulator Ofcom more powers to hold these companies accountable. However, some, including London Mayor Sadiq Khan, question whether the Act will be sufficient.

Prime Minister Rishi Sunak has acknowledged the need for a broader review of social media in light of recent events. Professor Lorna Woods, an expert in internet law, pointed out that while the new legislation might address some issues, it might not be comprehensive enough to tackle all forms of harmful content.

A recent YouGov poll revealed that two-thirds of the British public want social media firms to be more accountable. As big tech remains silent, it appears that the UK is on the cusp of regulatory changes that could reshape the future of social media in the country.


Read more »
Media Outlets
Bangladeshi hackers Cyber Attacks Fake news Indian Media Hack Malicious Campaign Media Outlets

Bangladeshi Hacker Group Targets Multiple Indian News Agencies

 

An update regarding the cyberattack on Alt News has brought up cybersecurity news in Indian media once more. After focusing on Indian news agency ANI News for a few hours, the threat actor group "Mysterious Team Bangladesh" has now listed the well-known Indian fact-checking website "Alt News" as its latest victim. 

The hacktivist group claims that the purported ANI News and Alt News cyberattacks are a part of their ongoing OpIndia23 campaign against the Indian media for allegedly inciting hatred and false information. 

ANI News is a news organisation with its main office in New Delhi. Mohammed Zubair and Pratik Sinha, two former IT engineers, launched the fact-checking website Alt News, a non-profit organisation in India. 

Both organisations' websites were reachable at the time of writing. A number of cyberattacks on international targets included the claimed Alt News hack. 

Mysterious Team shared the hashtags "opindia23," "counterattack," and "OpTerrorismCountry" along with the Telegram message. The group has accounts on several social media networks and has 1,283 Telegram subscribers. 

The bio for the gang on its Twitter account, where they frequently discuss the specifics of their attacks and victims, reads, "We are cyber warriors of Bangladesh." 

Along with articles on hacking and cyberattacks, the group also publishes the names of other hackers. A name that came up was "_barbby," who according to his biography is a journalist and a human rights advocate. There were two hashtags on the profile: OpIsrael and FreePalestine.

In the bio of another hacker, YourAnonRiots, it was said, "Our mission is global peace." The profile's hashtag was HackThePlanet, which appears to be the case in light of the hacking attacks on numerous government and other organisation websites. Your Anon Story, MCA Ops, and Saudi Exile were the other hackers that had been identified.

In the past 24 hours, the Mysterious Team Bangladesh group has also listed TV7 Israel News, Uniurdu, an Urdu-language news website, and Univarta, a Hindi-language news website, as victims. Furthermore, the hacktivist group also targeted the website of The Press Trust of India.

Along with saying "Expect Us," the organisation also declared that it had attacked the Indian Computer Emergency Response Team. 

The Mysterious Team appears to be a sizable group made up of numerous hackers that use system weaknesses to get access. But nothing is known about their method of attack other than the fact that they effectively shut down the systems and publish screenshots of their hacks on their various social media platforms.
Read more »
Wire Transfer
Cyber Fraud Cyberscams Data Safety Fake news Sophisticated Assaults User Privacy User Security Wire Transfer

Be Wary Because Cybercriminals Are Getting More Ingenious

 

In the media, misinformation is regularly discussed, primarily in relation to politics and is often used interchangeably with fake news. Even though these are major problems, a greater and more direct threat is frequently disregarded: how cybercriminals utilise false information to steal from businesses and people. 

The dictionary defines disinformation as "false or inaccurate information, especially that which is deliberately intended to deceive." But when mixed with a lot of exact and genuine information, particularly information that only a select few are aware of, misinformation can be highly persuasive and deceitful. Criminals can use real information stolen through cyberattacks, along with a little bit of deception, to have a significant financial impact on both businesses and people. 

Using wire transfers for profit 

Most of us have heard of fraud schemes that target credit card information. Most of the time, erroneous credit card charges may be disputed or reversed, preventing you from eventually losing any money. However, there is a significant distinction with wire transfers: they are frequently immediate and irreversible. In other words, if a wire transfer is used, the money is lost, especially if the fraud is not found right away. This functionality has been used by cybercriminals in a number of ways. 

One example is when crooks get access to a company's computer systems and spend time reading emails and understanding internal procedures. The fraudsters discover who is authorised to provide wire transfer orders to the financial office and what the procedures are. They then pose as these officials one by one for several days, issuing wire transfer orders, some for more than $500,000, to the criminal's accounts. When one organisation the author spoke with realised this costly problem, protocols were put in place to require proof that such wire transfers were indeed requested by authorised individuals. This entailed connecting directly with the authorised individual over the phone and checking the transaction's details. 

Unfortunately, such sensible processes are frequently implemented only after a crime has already occurred. Wire fraud can cost individuals as well as organisations money. Executive home buyers are popular demographics. A critical step in most home buying transactions is the wire transfer of a substantial sum of money to a title or escrow company, which holds the funds until the title to the property is transferred to the new owner, and then — and only then — the escrow company transfers those funds to the home seller. 

Criminals take advantage of these circumstances by following a multi-step process. First, they gain access to the computer systems of the real estate agent, attorney, or title agent. They could spend weeks or even months researching impending closings, company procedures, and minutiae such as wire transfer instructions samples. Because last-minute issues can occur, property purchasers are frequently advised to make the wire transfer a day or two in advance. 

Since the title corporation generally gives the instructions one day ahead of time, cyber thieves will send the instructions two days ahead of time. Because they are based on the real instructions, these instructions look to be from the title firm, but the destination information has been changed. They have buried a small amount of false information among a large amount of accurate material. This method has been used to steal hundreds of millions of dollars in a single year. According to FBI data, more than 13,000 people were actually the victims of wire fraud in the real estate and rental industry in 2020, resulting in losses of more than $213 million, a 380% rise from 2017. 

After making numerous anxious calls, you finally learn that your money was taken, leaving you penniless and homeless. There are a number of actions that both individuals and businesses can take to lower the risk of cybercrime with wire transfers. Before sending money, you should always call the person who is supposed to receive it to confirm the wire transfer instructions. The criminals may have included a fake phone number in the instructions you received, so make sure you can confirm that you are actually speaking to the right person. To do this, always check the correct number in advance using an official website or by speaking directly to a known source who can confirm the correct information. 

A scenario where you sold your old house and utilised the proceeds, along with your savings, to purchase a newer, better house in a different city is possible. The day after you move into your new home, you might be halfway to the new city in your automobile when your real estate agent calls to inquire about the status of your down payment. 

Stealing paychecks 

Many businesses offer systems that enable employees to update and retain their personal data, including their home address, phone number, and banking information for direct deposit of their paychecks on a monthly basis. Some highly paid employees' accounts were compromised by criminals, who changed the bank information the day before the payment was scheduled to be made. So that nothing would be observed as being out of the ordinary, they updated the bank details back to normal the following day. They carried on with this plan for a few months before an executive realised the scheduled monthly payments had not reached his bank after receiving a notification of insufficient funds on a cheque. This shows how crucial it is to monitor your bank account frequently enough to spot odd or fraudulent behaviour, especially to make sure that expected deposits are being made. 

Boss scam 

The typical hoax, in which the CEO of the business requests that the CFO deliver money somewhere, is one that most of us have heard of. You could think that since you aren't a CEO, these frauds don't apply to you, but that isn't the case. One variation of this scam, which is particularly prevalent on college campuses, involves staff members receiving what looks to be an email from a higher ups, usually the department head. One example of a narrative presented to a staff person is, "I just realised that I am going to my nephew's birthday party tonight and I'm in meetings all day, so I won't have time to get a gift. 

Could you please do me the courtesy of purchasing a $100 gift card and emailing me the numbers on the back? One victim bemoaned, "It was not just coming from one of my colleagues; it came in the name of my department chair." Eight out of ten faculty members in one department fell for the con, according to a story I've heard. It is crucial to confirm once more that your supervisor is the true sender of the communication. 

Bottom line

All of this is to say that while fake news and other forms of disinformation are a problem, having a lot of reliable data combined with even a small amount of misinformation can have catastrophic results. These are but a few current instances. As mentioned, there are steps that can be taken to prevent such crimes, or at the very least significantly lower their frequency, but they must be implemented before the crime occurs. 

However, keep in mind that cybercriminals are extraordinarily inventive and frequently equipped with a wealth of personal data. It is crucial to stay informed about new schemes, to exercise caution, and to build your defences because more dangerous plots could be on our way.
Read more »
Ukraine
Cyber Security Fake news Radio Station Russia-Ukraine War Ukraine

Hacked Ukrainian Radio Stations Propagates Misinformation Regarding President Zelensky’s Health

 

The hackers targeted Ukrainian radio operator TAVR Media on Thursday to spread fake news that Ukrainian President Volodymyr Zelensky was hospitalized and is in a critical condition. 

Anonymous attackers broadcasted reports that the Ukrainian President was in an intensive care ward and that his duties were being temporarily performed by the Chairman of the Ukrainian parliament Ruslan Stefanchuk, the State Service of Special Communications and Information Protection of Ukraine (SSSCIP) stated. 

"Cybercriminals spread information that the President of Ukraine, Volodymyr Zelenskyy, is allegedly in intensive care, and his duties are performed by the Chairman of the Verkhovna Rada, Ruslan Stefanchuk," the SSSCIP said in an update. 

The Kyiv-based holding firm is one of Ukraine’s largest broadcasters and manages nine major radio stations, including Hit FM, Radio ROKS, KISS FM, Radio RELAX, Melody FM, Nashe Radio, Radio JAZZ, Classic Radio, and Radio Bayraktar. 

TavrMedia wrote on Facebook that it is working “to solve the problem,” but did not provide additional details. The company also emphasized that "no information about the health problems of the President of Ukraine Volodymyr Zelenskyy is true." 

The false reports, which were broadcasted during prime time, between 12 and 2 p.m., also forced Zelenskyy to take to Instagram, stating, "I have never felt as healthy as I do now." 

It remains unclear how the hackers breached TAVR Media. Multiple hackers from across the globe have tried to capitalize on the ongoing conflict between Russia and Ukraine to launch a barrage of cyberattacks. 

In a related development, the Computer Emergency Response Team of Ukraine (CERT-UA) also issued a warning regarding macro-laden PowerPoint documents being leveraged to deploy Agent Tesla malware targeting state organizations of Ukraine. 

This is not the first instance that hackers have targeted Ukrainian media. According to Cloudflare, online media, publishing, and broadcasting firms were targeted by more distributed denial-of-service attacks (DDoS) in the second quarter of 2022 than in any other industry. 

Earlier this year in June, the malicious actors also targeted the Ukrainian streaming service Oll.tv and replaced the broadcast of a football match between Ukraine and Wales with Russian propaganda. In February, Ukraine’s national public broadcaster suffered a DDoS attack, according to its general producer Dmytro Khorkin.
Read more »
Phishing and Spam
Cyber Security Data Theft Fake news Meta Phishing and Spam

According to Arkose Labs, the Bots Target Financial Organizations

 

Children as young as five use internet channels for a variety of activities, so it isn't just adults who are essentially living online. The epidemic hastened the adoption of the internet by children for online lessons, entertainment, and socializing.

In the preface to a company's study paper, 2022 State of Fraud & Account Security Report, Kevin Gosschalk, founder and CEO of Arkose Labs, writes, "A familiar term heard in the last few years is 'data is the new oil." "Data is the precious resource who feeds the digital world, which today permeates so much of our daily lives. Work, socializing, education, and a variety of other activities all take place primarily in the digital realm."

Bloomberg Intelligence estimates the online "metaverse" might be worth $800 billion by 2024, according to the cybersecurity firm. "Fraudsters will have an immensely broader attack surface to target as a result of this." Threat actors can corrupt smart appliances, connected autos, and virtual reality gadgets in addition to PCs and mobile devices." 

According to the Arkose research, fraud assaults on financial institutions are increasing in frequency "as well as sophistication." Internet fraud has increased by 85 percent in recent months, and much more than a fifth of all internet traffic is a cyberattack. Not only fraudsters, but Master Fraudsters - the worst type of fraudster – are coming after gaming, internet streaming, and social media sites with all guns blazing. These are the most prominent and, as a result, the most harmful internet pastimes for youngsters. 

Although children are more comfortable with the internet and can navigate it like a pro, but are not always aware of the dangers which lurk there. They might not be able to spot situations where cybercrooks are attempting to take advantage of human gullibility. 

The Arkose Labs analysis also highlighted an 85 percent increase in login or registration stage attacks year over year. "Once an existing account has been hijacked, attackers can monetize it in a variety of ways," according to Gosschalk, "including stealing bank information, reselling credentials, redeeming collected loyalty points, and more." "Fake new accounts are employed in assaults like stock hoarding, content harvesting, and spam and phishing messaging," says the report.

Indeed, according to the Arkose Labs analysis, the average individual now has over 100 passwords. Abuse of financial information and credentials drove an 85 percent increase in login and registration invasions last year compared to 2020. 

The Arkose Labs analysis indicated such automated services assist in targeting more enterprises: bots utilizing "scraping" assaults helped compromise at least 45 percent of the traffic on travel sites. Meanwhile, phishing, fraud, and the promise of a free trial were used to increase the number of bogus accounts last year compared to 2020. Financial firms and financial institutions have been major targets for attacks.
Read more »
War
Cyber Security Fake news Russia-Ukraine War Ukraine War

Report: Telegram's New Battleground for Cybercriminals Amid Russia-Ukraine War

 

Telegram messenger has become increasingly crucial in the ongoing crisis between Russia and Ukraine, since it is widely used by both hackers and cybercriminals. 

According to a survey by cybersecurity firm Check Point, the number of Telegram groups has surged sixfold since February 24, and some of them, dedicated to certain issues, have grown in size, with over 250,000 members in some cases.

The following three categories are the most popular ones that have exploded in popularity as a direct result of Russia's invasion of Ukraine: 
• Various "news feeds" that claim to provide credible reports from Ukraine 
• Volunteering hackers that engage in DDoS and other types of assaults against Russian organisations 
• Fundraising groups that collect cryptocurrency donations reportedly for Ukrainian support 

The "IT Army of Ukraine," which presently has 270,000 members, stands out among those who lead the anti-Russia cyber-warfare activities. Ukraine's IT Army was formed by cyber-specialists in the country, and the results of its operations were evident rapidly. 

Apart from launching DDoS attacks against important Russian websites, the group also publishes the personal information of Russian decision-makers and other key players in the conflict. The majority of Telegram groups that claim to be "donation support" are scammers that take advantage of the circumstance to steal people's money. 

Similar operations based on phishing emails have been reported, but the same thing is happening on Telegram as well, with some of these groups having up to 20,000 members. 

Unverified news

News streams that bypass mainstream outlets and publish unedited, uncensored feeds from the battle zone 24/7, are the third category that is rising. Apart from the fact that exposing unedited battle scenes is against journalistic ethics, many of the stories shared on these sites are unchecked or unverified, and might easily be made up. 

As geopolitical expert Michael Horowitz revealed while sharing footage of a realistic-looking computer-generated air dogfight based on a video game engine, this is a concern even for approved social media platforms.

According to Check Point, these channels continue to attract a high number of users. 'Ukraine War Report,' for example, has 20,000 members, while 'Russia vs. Ukraine Live News,' has 110,000. 'Ukrainian Witness' (видетел крaин), another news programme dedicated to exposing Russian war crimes, has achieved 100,000 subscribers. The goal of groups that actively propagate false material on Telegram channels is to demoralise the opponent, with the hope that the content would be shared on other platforms as well. While some of these channels may provide genuine information, it's practically impossible for users to tell the difference between true and fake news. 

To protect from fraud and cyber-crime when using Telegram, the researchers advised users to be cautious of the information they share on the network. Users should avoid clicking on links with unknown origins, to be wary of strange requests, and to avoid donating money to unknown sources.
Read more »
User Security
Fake news Technology threat report User Security

Google TAG Takes Down Coordinated Influence Operation Spreading Fake Information

 

Google's Threat Analysis Group (TAG) in its latest published bulletin, provides an outline of the entire “coordinated influence operation” that its staff tracked in January 2022 involving multiple countries. 
 
According to Google TAG, four YouTube channels, two AdSense accounts, 1 Blogger blog, and 6 domains – used to generate revenue by displaying advertisements – were wiped out in coordinated influence operations linked to Belarus, Moldova, and Ukraine. The campaign "was sharing content in English that was about a variety of topics including US and European current events," threat analysts explained.   

To mitigate the spread of misinformation, Google TAG terminated 3 YouTube channels responsible for uploading content in Arabic that was critical of former Sudanese president Omar al-Bashir and supportive of the 2019 Sudanese coup d’état.   
 
Additionally, Google TAG also handled a relatively large "influence operation linked to China." Earlier this year in January, threat analysts terminated 4,361 YouTube channels for spreading Chinese spam content. However, some channels uploaded content in both English and Chinese languages concerning China and US foreign events.   
 
“We terminated 4361 YouTube channels as part of our ongoing investigation into coordinated influence operations linked to China. These channels mostly uploaded spammy content in Chinese about music, entertainment, and lifestyle. A very small subset uploaded content in Chinese and English about China and U.S. foreign affairs. These findings are consistent with our previous reports,” says Google. 
 
Furthermore, Google TAG has banned YouTube channels, AdSense accounts, and Play developer accounts belonging to influence campaigns linked to Iraq, Turkey, and Libya's politics and current affairs.   
 
As the Russian-Ukraine conflict continues to escalate, Google has strengthened the safety measures for those in the region considered to be at higher risk of cyber assaults or attempted account compromise. This includes enabling two-factor authentication (2FA) and promoting the Advanced Protection Program.   
 
"Threat intel teams continue to look out for and disrupt disinfo campaigns, hacking, and financially motivated abuse, and are working with other companies and relevant government bodies to address these threats.,” Google said on Twitter.  
 
Last year, Google TAG blocked 3 YouTube channels used by Iranian attackers to publish content in Bosnian and Arabic condemning the actions of the U.S. and the People’s Mujahedin Organization of Iran (PMOI), a militant organization fighting against the official Iranian government.
Read more »
Virus Attack
cybercriminals Cybersecurity Fake news malware Misinformation Phishing scam Tactics Targeted cyber attacks Virus Attack

Misinformation is a Hazard to Cyber Security

 

Most cybersecurity leaders recognize the usefulness of data, but data is merely information. What if the information you've been given is actually false? Or it is deception? What methods does your cybersecurity program use to determine what is real and what isn't?

Ian Hill, Global Director of Cyber Security with Royal BAM Group defined misinformation as "inaccurate or purposely misleading information." This might be anything from misinformation to deceptive advertising to satire carried too far. So, while disinformation isn't meant to be destructive, it can cause harm. 

The ideas, tactics, and actions used in cybersecurity and misinformation attacks are very similar. Misinformation takes advantage of our cognitive biases and logical fallacies, whereas cyberattacks target computer systems. Information that has been distorted, miscontextualized, misappropriated, deep fakes, and cheap fakes are all used in misinformation attacks. To wreak even more harm, nefarious individuals combine both attacks. 

Misinformation has the potential to be more damaging than viruses, worms, and other malware. Individuals, governments, society, and corporations can all be harmed by misinformation operations to deceive and damage people. 

The attention economy and advertisement-centric business models to launch a sophisticated misinformation campaign that floods the information channels the truth at unprecedented speed and scale. Understanding the agent, message, and interpreter of a specific case of information disorder is critical for organizations to stop it. Find out who's behind it — the "agent" — and what the message is that's being sent. Understanding the attack's target audience — the interpreter — is just as critical.

Misconceptions and deceptions from basic phishing scams, cyberattacks have progressed. Misinformation and disinformation are cybersecurity risks for four reasons, according to Disinfo. EU. They're known as the 4Ts:

  •  Terrain, or the infrastructure that disseminates falsehoods 
  •  Misinformation tactics, or how the misinformation is disseminated
  •  The intended victims of the misinformation that leads to cyberattacks, known as targets.
  •  Temptations, or the financial motivations for disseminating false information in cyberattacks.
 
Employees who are educated on how threat actors, ranging from an amateur hacker to a nation-state criminal, spread false information will be less likely to fall for false narratives and harmful untruths. It is now up to cybersecurity to distinguish between the true and the fraudulent.
Read more »
Subscribe to: Posts (Atom)