Don’t miss the latest developments in business and finance.

Experts warn risks from unknown links as spyware infests social media

Crooks impersonating journalists, business execs, and even friends and families of victims in over 200 countries to extract sensitive data

cyber attack
Meta said it has disabled the accounts of malicious vendors worldwide and blocked the infrastructure from Meta-owned platforms.
Sourabh Lele New Delhi
3 min read Last Updated : Dec 16 2022 | 8:59 PM IST
Facebook parent Meta Platforms Inc blocked over 40 social media accounts of Indian firm CyberRoot Risk Advisory Private Limited while cracking down on spyware vendors targeting people in over 200 countries. Experts prescribe vigilance for social media users amid rising cases of surveillance.

In its threat report released on Thursday, Meta said the global surveillance-for-hire industry was posing a growing threat to privacy. It indiscriminately targets people — including journalists, activists, and political opposition — to collect intelligence, manipulate and compromise their devices and accounts across the internet.

The company said spyware vendors were increasingly using fake social media accounts, creating fictitious personas to gain the trust of victims. CyberRoot Risk Advisory indulged in similar activities, said Meta.

“To appear more credible, these personas impersonated journalists, business executives, and media personalities. In some cases, CyberRoot also created accounts that were nearly identical to accounts connected to their targets like their friends and family members, with only slightly changed usernames,” the report says.

It added that the Indian firm allegedly spoofed domains of major email providers, video conferencing, and file-sharing tools, including Gmail, Zoom, Facebook, Dropbox, Yahoo, OneDrive, and targets’ corporate email servers. These domains were used for stealing login credentials to the victims’ online accounts on these services.

Ruchir Shukla, Managing Director for SafeHouse Tech India, the Indo-Israeli cyber security company, said threat actors trick users into revealing sensitive information by mimicking the identities of people known to the user.

“These companies use social engineering techniques to monitor and gather information about users and trick them to click on links or download files that will compromise their devices or accounts with new-age malware. These tactics are designed to be covert so that the victims are unaware that they are being targeted,”said Shukla.

Meta said it has disabled the accounts of malicious vendors worldwide and blocked the infrastructure from Meta-owned platforms. It has also shared its findings with security researchers, other platforms, and policymakers, while issuing cease-and-desist letters demanding an immediate stop to violative activity. The social media company has also alerted people who it believes were targeted, and helped them strengthen the security of their accounts.

Shukla said: “To know if you are being spied on, look out for unfamiliar software or apps on personal devices, abnormal device behavior, and unexpected charges on phone bills or abnormal data usage.”

As per the report by Meta, CyberRoot Risk Advisory Private allegedly used a marketing tool called Branch. This was to create, manage and track the delivery of phishing links, likely to obfuscate their origin and take advantage of the benefits of commercial marketing services. Once clicked on, these links would then redirect people to spoofed domains within this firm’s large network of malicious websites.

“To mitigate the risk of surveillance, it is advisable to employ strong passwords and utilize two-factor authentication, exercise caution when interacting with unfamiliar links or attachments, ensure that devices and software are kept up to date with the latest security patches, and use a virtual private network (VPN) on personal devices when accessing the internet for an enhanced private browsing experience,” Shukla said.

Topics :Social MediaMalwarecyber securityCyber AttacksFacebookTechnology in journalismJournalistsMetaverseCyber fraudcyber warFacebook Messenger