Social Engineering, Catfishing: Deception Through Impersonation

Social Engineering, Catfishing: Deception Through Impersonation

The internet possess as a fantastic doorway to many opportunities. We can use it to learn, to communicate and to meet new people.

While it may appear like a marvelous place, if you actually venture further down the rabbit hole, you may find everything is not quite as it seems. At least that is what one employee at a Middle Eastern company found out.

According to a recent article from Wired, a 30-year-old British woman, named Mia Ash, with two art school degrees and a successful career as a photographer is actually the “face” of Iranian state-sponsored hackers. It is believed they have been targeting organizations around the Middle East for years with the intent of committing espionage and possibly data destruction.

Despite her biography and track record, she is not the dream woman or Bond girl she appears to be. According to researchers at the security firm SecureWorks, this is because she is fictitious. Her biography fabricated and her photos stolen from another woman’s online profiles, she is, what the internet calls, a classic Catfish.

In February, while trying to identify an attempted spyware infection, a SecureWorks employee found that one of the company’s workers had been in communication with “Mia” for more than a month. What started on Linkedin regarding a simple conversation about photography then escalated to more in depth and meaningful conversations.

After roughly a month of communication, this Mia persona sent the worker an Excel attachment which contained malicious malware. Once the worker opened the document on their work PC, believing it was a photography survey, the malware went to work attempting to infect his computer. The company’s malware defenses prevented the installation, however this is not the first time a company has been hacked using these methods.

In 2014, the well known company GoDaddy admitted it was targeted with an attack using social engineering to trick an employee into giving away vital information which lead to a customer being hacked.

For anyone that isn’t familiar with Social Engineering, it is the use of deception to manipulate an individual into divulging confidential or personal information which can be used for fraudulent purposes. To get a better understanding, the video below perfectly highlights how easy it is to pose as someone else, in order to obtain confidential information.

Catfishing and Social Engineering are two of the most common methods used by hackers when they want information, as employees often have very little training to counteract or even expect these attacks. As a result it can be incredibly easy for a hacker to lull an individual into a false sense of security resulting in leaked information or the individual giving away access to their network.

This is not only applicable within the business world but is also very relevant in everyday life. An article in The Verge reported that one hacker named “Patrick” tweaked Tinder’s API to dupe men who thought they were chatting with women into messaging each other. While another hacker ran a similar operation with up to 10,000 men falling for this trick. This phenomenon of individual talking with Catfish using stolen pictures and fake accounts is also the premise for the incredibly popular TV show by the same name, Catfish.

For this reason, many online dating apps, such as Hookd, have taken Catfishing seriously, and have developed clever ways to curb it.

Read More: Transparent, secure gay dating app launches solution to catfishing that gets users Hookd

While the internet has the potential to bring us closer together, it can also bring us closer to those we would usually steer clear from in real life. Unfortunately, due to the convincing mask the internet provides for hackers and social engineers it is easy for some people to be tricked into believe the untrue. As someone who was the target for a failed social engineering attack, it is easy to understand the dangers that are out there.

For anyone that is concerned about these threats, there are many websites which provide information to help you spot a catfish or social engineer. And just remember, that beautiful blonde model you’re chatting with now may seem hot now, but she will probably seem less appealing when you find out it’s a greasy middle aged man with a ponytail. Be smart, and if it seems too good to be true, unfortunately it’s probably because it is.

View Comments (1)

1 Comment

  1. yeezy boost

    September 6, 2017 at 2:05 AM

    I wish to show some thanks to you just for rescuing me from this particular circumstance. Just after checking throughout the internet and coming across suggestions which were not helpful, I thought my life was done. Living without the approaches to the problems you have fixed as a result of this write-up is a serious case, and ones which may have in a wrong way affected my career if I hadn’t encountered your web site. Your main know-how and kindness in playing with all areas was crucial. I am not sure what I would have done if I had not come across such a point like this. It’s possible to now relish my future. Thanks very much for this reliable and sensible guide. I will not be reluctant to refer the sites to any person who should have guide on this issue.

Leave a Reply

Your email address will not be published. Required fields are marked *


Sam is an energetic and passionate writer/blogger, always looking for the next adventure. In August 2016 he donated all of his possessions to charity, quit his job, and left the UK. Since then he has been on the road travelling through North, Central and South America searching for new adventures and amazing stories.

More in Technology

ai citizen happiness

AI for governments monitoring citizen happiness

James RosenfieldMarch 21, 2018
ai task force china

AI Task Force Rhetoric Encourages Cold War With China Over National Security

Tim HinchliffeMarch 19, 2018
cryptocurrencies storm

Cryptocurrencies: A Perfect Storm

Melissa ThompsonMarch 16, 2018
native advertising

The rise of native advertising, and what the future holds: Interview

Sam Brake GuiaMarch 16, 2018
artificial intelligence startups

The Rise of Artificial Intelligence Startups

John MasonMarch 16, 2018
ai defense

The AI revolution in defense technology is happening faster than we think

James RosenfieldMarch 14, 2018
mossad invest startups

Why does Israeli spy agency Mossad invest in startups via Libertad Ventures?

Tim HinchliffeMarch 12, 2018
emotional intelligence

Artificial vs Emotional Intelligence in Machine Learning

James RosenfieldMarch 12, 2018

Cyberbullying isn’t going anywhere; here’s how to deal with it

Melissa ThompsonMarch 12, 2018