social media Archives - Cyber Protection Magazine

Editorial: Jog on, Meta

Lou Covey January 10, 2025

Mark Zuckerberg made two announcements about major changes in Meta in the past two weeks. The first was the revelation that they would be creating hundreds of AI-driven bots to interact with users. The second was the announcement that they would stop moderation of content, “except for dangerous stuff,” according to a video posted by Zuckerberg. With a certain amount of schadenfreude, we note that Meta had to pull the accounts they had already made as users started engaging with them, finding their inherent flaws and raking them over the coals for how piss-poor their execution was.

Both of these announcements validated a decision I had made earlier this year to start divesting myself of Meta platform accounts. I made the request to deactivate all the accounts (Facebook, Instagram and Messenger) a week before both announcements. I would have done it sooner if I had known it would take Meta 30 days from my request to deactivate everything. This morning, however, I received a text from my partners in Cyber Protection Magazine asking if I thought we should deactivate our Facebook account.

Frankly, I had forgotten we had one, basically because we received zero engagement from the platform, despite the amount of content we put up there. That,.too, is a result of Meta de-emphasizing legacy media. Of course, I concurred with the team. Sometime in February, we will disappear from Facebook.

SE Asia casinos that shut down during pandemic were turned into social-engineering call centers to scam wealthy individuals

Pig butchering: Proving the Luddites right

Lou Covey October 9, 2024

Pig-butchering may be proving the Luddites were right. The social-engineering scam bypassed ransomware as the most profitable cybercrime approximately two years ago. After government regulations and law enforcement took a big bite out of returns for ransomware this past year, public-private partnerships are taking aim at the new champ.

TL;DR
* Pig butchering eclipses losses from ransomware
* Top targets are tech savvy people under 50
* Human error trumps cyber awareness
* Public/private partnerships making inroads at dismantling scam operations
* Tips to avoid scams
* Podcast with Arkose CEO
Between 2020 and 20023, scammers reaped more than $75 billion from victims around the world. Approximately 90 percent of the losses came from of purchasing fraudulent cryptocurrency, according to the US Treasury Department’s, Financial Crimes Enforcement Center. In comparison, ransomware attacks in that same period harvested $20 billion worldwide in ransoms and cost approximately another $20 billion in recovery costs.

Membership Required

You must be a member to access this content.

View Membership Levels

Already a member? Log in here

Election security worldwide

Editors Desk September 30, 2024

The question of election fraud is a worldwide concern, but the use of electronic voting machines introduced shortly after the………more...

Free Membership Required

You must be a Free member to access this content.

Join Now

Already a member? Log in here

In this screenshot, camera footage shows a group of alleged neo-Nazis outside the home of Raw Story investigative reporter Jordan Green.

Scam Bucket: Innocence is no replacement for digital vigilance

Lou Covey September 12, 2024

On Mastodon a poster asked last week, “Looking for an article or blog or text, that succinctly describes, at grade 1 level English, why ‘if you have nothing to hide, you have nothing to fear’ is a crazy and bad argument, and perhaps also includes what some good arguments are.” We thought that is an excellent idea for a Scam Bucket post. Let’s get to the biggest argument against that philosophy.

It may not be scandalous, like a drug addiction, pornography or drug dealing, but there is personal information that everyone wants to keep from someone like passwords, account number and routing number to your bank account, and social security numbers

People who ascribe to the philosophy will readily agree to those limitations of what should be available to public knowledge. What they may not be willing to admit that they have done something in their life that they are ashamed. As Jesus Christ once proclaimed, “No one is without sin. No, not one.”

Sometimes, the error is made in ignorance. Clicking on a link in an email that connects to a porn site. Being rude to a waiter or failing to give a tip. Road rage someone recorded without knowledge or consent. Sometimes it was a mistake they made when they were younger and didn’t know any better… or knew better and did it anyway.

Then there are things that people are totally innocent of but were accused of it anyway. An average of 200–300 people are arrested every year for felonies but are exonerated, according to the National Registry of Exonerations. If the arrest was reported in the news, it is likely the exoneration was not. So the news of the arrest still exists even though they did not commit the crime.

John Gilmore, director of research at the data-scrubbing service DeleteMe, related a story of Jordan Greene, a journalist who covered neo-Nazi rally in North Carolina. Members of the group picked out his face in a photo of the rally, ran it through facial recognition, found where he lived and showed up at his house holding burning flares.

A recent scam has arisen ...

Free Membership Required

You must be a Free member to access this content.

Join Now

Already a member? Log in here

people gathering near road during daytime

Women’s Equality Day: How to ensure women thrive in the workplace

Editors Desk August 26, 2024

Women’s Equality Day, rooted in the celebration of the 19th Amendment giving US women the right to vote, is an opportunity to address some of the challenges faced by women and the ways we can champion women at work.

Crossing the Compliance Chasm

Tarique Mustafa August 22, 2024

There is a wide gap between regulatory compliance mandates and practical implementation and enforcement that I like to call the “Compliance Chasm”. That chasm is defined by the activity to protect consumers and consideration for the economic and operational impact on business enterprises. Finding that balance requires thought, not the more popular whack-a-mole enterprise strategy that reacts to new compliance mandates.

The frequency and size of regulatory fines are rising for non-compliance. In January 2023, Meta was fined $418 million for GDPR violations by Meta properties’ Facebook and Instagram. Ireland’s Data Protection Commission follows up in May that same year with a $1.3 billion fine for additional violations. And those were just the latest fines imposed on web giants, that also included Google and Amazon.

The targets of those fines might be justified in saying compliance is an impossible task. By 2025 the volume of data/information created, captured, copied, and consumed worldwide is forecast to reach 181 zettabytes. Nearly 80% of companies estimate that 50%-90% of their data is unstructured text, video, audio, web server logs, or social media activities.

Security concerns reach beyond CISOs

Lou Covey August 14, 2024

The English riots this past week provide a Dickensian “best of times…worst of times.” context to politics in the United Kingdom and possibly the United States later this year. The UK has had a significant political shift in leadership that brought relief to the majority of that countries citizens (the best) but also encouraged the minority opinion to lash out with provocation from domestic actors and foreign states (the worst). This highlight the fact that digital security concerns reaches far beyond the confines of corporate CISO offices.

The rioters are extreme anti-immigration nationalists whipped up by false information regarding the stabbing of several young children and adults at a dance recital in Southport, a town just north of Wales. The disinformation came from several sources but is primarily coming through a Russian-linked website posing as a legitimate American news organization. The claim was meanwhile amplified up by far-right figures Tommy Robinson and Andrew Tate. Robinson was arrested under anti-terrorism laws but is out on bail has been vacationing in Europe. He is still spreading disinformation. Tate is currently under “judicial supervision” for rape and human trafficking charges. X owner Elon Musk has also participated personally in sewing the discord.

Foreign interference grows

Meanwhile, open source intelligence monitored by companies like Zero Fox and Fletch have identified efforts by North Korea and Russia to interfere in elections of Western countries including Germany and the United States. Zero Fox said, “The Telegram-based bot service IntelFetch had been aggregating compromised credentials linked to the Democratic National Committee (DNC) and their websites. This data, primarily sourced from botnet logs and third-party breaches, includes sensitive information such as login credentials for party members and delegates. This breach poses a significant risk of unauthorized access and potential disruptions to the convention.”

Zero Fox said the DNC had been alerted several weeks ago and that the weaknesses fixed. The DNC Convention is set to begin August 19 and Zero Fox was planning on announcing their findings that day to boost their profile.

Membership Required

You must be a member to access this content.

View Membership Levels

Already a member? Log in here

Voters mareking ballots at voting station

Election security is not a technology problem. It is how naive we are

Lou Covey June 27, 2024

When it comes to election security, the technology we use to vote and count those votes is not the problem. The problem is how naive we are.

Election security has been at the forefront of daily news cycles for more a decade. The concerns about illicit use of technology to input and count the votes turned out to be largely overblown. Every U.S. state other than the Commonwealth of Louisiana, uses paper ballots, matching the practice of every other western democracy. Lawsuits have bankrupted people and organizations claiming the technology was changing votes. Those that have complained the loudest about election interference are now facing prosecution for the crimes.

Now the tech focus is on the use of artificial Intelligence to create deepfake video and audio. A recent pitch from Surfshark,

Membership Required

You must be a member to access this content.

View Membership Levels

Already a member? Log in here

FBI statistics showing the break down of elder fraud. $1.2 million in investment scams is on the top. which is twice as much as the second, tech support scams

Elder fraud festers out of control

Lou Covey June 21, 2024

As legislatures around the world try to get a handle on the growth of ransomware, another category of cybercrime is festering out of control: Elder fraud.
The FBI’s Internet Crime Complaint Center (IC3) reported more than 100,000 people in the US, 60 years and older, lost $3.4 billion total to digital scams. The IC3 pointed out that the elderly are half as likely to report a loss. So the actual crimes and losses are probably much higher.

In contrast, the total ransomware payouts last year from reporting companies was $1.1 billion according to Chainanalysis. While the total number of fraud reports to the IC3 appears to have leveled off after years of growth, elder fraud increased by 14 percent year on year.

“Combatting the financial exploitation of those over 60 years of age continues to be a priority of the FBI,” wrote FBI Assistant Director Michael D. Nordwall, who leads the Bureau’s Criminal Investigative Division, in the report. “Along with our partners, we continually work to aid victims and to identify and investigate the individuals and criminal organizations that perpetrate these schemes and target the elderly.”

Who is vulnerable?

Membership Required

You must be a member to access this content.

View Membership Levels

Already a member? Log in here

RSAC Reporter’s Notebook: Change is coming

Lou Covey May 15, 2024

The cybersecurity industry is just absolute chaos, and rightly so. This is the industry charged with plugging dikes during the Class-5 hurricane that the internet seems to be today. Nowhere is that chaos more evident than at RSAC just from a marketing perspective. Everyone has “ground-breaking”, “industry-leading”, and “first ever” product offerings and this year was no different. But if you can look past the Macho-man impersonations, Formula One cars, and the mesmerizing miasma of the website and show floor, you can see an order forming in the chaos. Change is coming.

Back to step one

RSA CEO Rohit Ghai, said we have missed a step in AI development. “We’ve seen it first as a co-pilot alongside of a human pilot and then see it taking over flying the plane.” He said the first step is making it an advanced cockpit making it easier for less trained and experienced people to do the work. He pointed out that cybersecurity is an industry with negative employment making it difficult to find experienced technicians to do the work.

Last year, any discussion of ethical development was met with confused stares. This year, the need for ethical AI development is taken seriously but few can see a profit in it. Cybersecurity VC Rob Ackerman (DataTribe) and Carmen Marsh, CEO of the United Cybersecurity Alliance, were open to suggestions,

“From the perspective of (companies like OpenAI), I understand the reasons to go as fast as they can to develop a true artificial intelligence, the question is, who are the people in the room guiding the process?” said Ackerman. “Once you get a diverse set of advisors working on the problem, then you do the best you can to create something ethical. But right now, we aren’t even doing the best we can.”