Technology

Social Engineering, Catfishing: Deception Through Impersonation

The internet possess as a fantastic doorway to many opportunities. We can use it to learn, to communicate and to meet new people.

While it may appear like a marvelous place, if you actually venture further down the rabbit hole, you may find everything is not quite as it seems. At least that is what one employee at a Middle Eastern company found out.

According to a recent article from Wired, a 30-year-old British woman, named Mia Ash, with two art school degrees and a successful career as a photographer is actually the “face” of Iranian state-sponsored hackers. It is believed they have been targeting organizations around the Middle East for years with the intent of committing espionage and possibly data destruction.

Despite her biography and track record, she is not the dream woman or Bond girl she appears to be. According to researchers at the security firm SecureWorks, this is because she is fictitious. Her biography fabricated and her photos stolen from another woman’s online profiles, she is, what the internet calls, a classic Catfish.

In February, while trying to identify an attempted spyware infection, a SecureWorks employee found that one of the company’s workers had been in communication with “Mia” for more than a month. What started on Linkedin regarding a simple conversation about photography then escalated to more in depth and meaningful conversations.

After roughly a month of communication, this Mia persona sent the worker an Excel attachment which contained malicious malware. Once the worker opened the document on their work PC, believing it was a photography survey, the malware went to work attempting to infect his computer. The company’s malware defenses prevented the installation, however this is not the first time a company has been hacked using these methods.

In 2014, the well known company GoDaddy admitted it was targeted with an attack using social engineering to trick an employee into giving away vital information which lead to a customer being hacked.

For anyone that isn’t familiar with Social Engineering, it is the use of deception to manipulate an individual into divulging confidential or personal information which can be used for fraudulent purposes. To get a better understanding, the video below perfectly highlights how easy it is to pose as someone else, in order to obtain confidential information.

Catfishing and Social Engineering are two of the most common methods used by hackers when they want information, as employees often have very little training to counteract or even expect these attacks. As a result it can be incredibly easy for a hacker to lull an individual into a false sense of security resulting in leaked information or the individual giving away access to their network.

This is not only applicable within the business world but is also very relevant in everyday life. An article in The Verge reported that one hacker named “Patrick” tweaked Tinder’s API to dupe men who thought they were chatting with women into messaging each other. While another hacker ran a similar operation with up to 10,000 men falling for this trick. This phenomenon of individual talking with Catfish using stolen pictures and fake accounts is also the premise for the incredibly popular TV show by the same name, Catfish.

For this reason, many online dating apps, such as Hookd, have taken Catfishing seriously, and have developed clever ways to curb it.

Read More: Transparent, secure gay dating app launches solution to catfishing that gets users Hookd

While the internet has the potential to bring us closer together, it can also bring us closer to those we would usually steer clear from in real life. Unfortunately, due to the convincing mask the internet provides for hackers and social engineers it is easy for some people to be tricked into believe the untrue. As someone who was the target for a failed social engineering attack, it is easy to understand the dangers that are out there.

For anyone that is concerned about these threats, there are many websites which provide information to help you spot a catfish or social engineer. And just remember, that beautiful blonde model you’re chatting with now may seem hot now, but she will probably seem less appealing when you find out it’s a greasy middle aged man with a ponytail. Be smart, and if it seems too good to be true, unfortunately it’s probably because it is.

Sam Brake Guia

Sam is an energetic and passionate writer/presenter, always looking for the next adventure. In August 2016 he donated all of his possessions to charity, quit his job, and left the UK. Since then he has been on the road travelling through North, Central and South America searching for new adventures and amazing stories.

Recent Posts

How a former Wall Street exec is saving your plants and the planet 

Jeanna Liu’s love for nature is rooted in her childhood. As a young girl, Liu…

18 hours ago

New initiative announced to accelerate cloud, GenAI adoption in Latin America

The arrival of generative artificial intelligence (genAI) into the mainstream at the end of 2022…

18 hours ago

Deborah Leff to join Horasis Advisory Board in boost to machine learning and data initiatives 

Data analytics and machine learning models deliver the most powerful results when they have access…

21 hours ago

37, Emotionally Stuck, and Why the Journey Didn’t Change Me

I’ve been on the road for almost a year now. Chasing freedom, adventure, and purpose.…

3 days ago

Will iPhones Get Pricier Under Trump’s Leadership?

As technological use increases, so may the cost of innovation due to the global movement…

3 days ago

The Science of Gift-Giving: 10 Functional Gifts for the Holidays

Have you ever asked yourself why some people are amazing at picking gifts, while others…

4 days ago