Home / News & Analysis / Don’t Let Your Guard Down When Using Social Media

Don’t Let Your Guard Down When Using Social Media

I use Facebook almost exclusively for personal use to connect with friends, family, or business acquaintances, while Twitter is for news and commentary I find interesting. On the business-focused LinkedIn, however, I'm more liberal when it comes to connection requests.

OpinionsI reason that since the Microsoft-owned LinkedIn is for business networking, the more people I network with, the better it will be for my career and business relationships. I suspect that millions of LinkedIn users take the same approach.

However, I recently was made aware of a report from Dell-owned cyber-security firm SecureWorks. Its Counter Threat Unit (CTU) observed phishing campaigns targeted at the Middle East and North Africa that delivered PupyRAT, an open-source, cross-platform access Trojan using a fake person named Mia Ash.

In short, this report reveals that a known Iranian hacker group called Cobalt Gypsy created a fake profile of a woman named Mia Ash, who claimed to be a celebrated photographer. When I looked at Mia Ash's profile, it looked like many I'd connected with on LinkedIn or Facebook over the years.

The goal of the fake Mia Ash profile was to connect with individuals who were inside legitimate companies in the Middle East and trick them into opening a Word document via their company's email. That would deliver the PupyRat Trojan, infecting the company's network and potentially allowing the hackers entry to steal information.

Some years ago, Cobalt Gypsy used LinkedIn to spread malware-laden job applications. In that case, the fake persona was someone called Timothy Stokes, who said he was a recruiter for a well-known company.

I have also had suspicious requests on Facebook. A recent one came from a person who claimed to be CEO of a Minnesota company, but when I looked up the company, it did not exist.

I'm the last person to discourage anyone from being active on social media. LinkedIn, Facebook, Twitter, and others are legitimate ways to make connections and develop relationships. However, after reading about Mia Ash, I will carefully vet connection requests on LinkedIn.

Related

I suspect that social media will be used more and more for phishing schemes. These two instances focused on the Middle East, but in talking to other security companies, I'm told that similar scams are becoming more common in the US. They use the same approach—befriend a person and over a few weeks or months get them comfortable with communicating and sharing personal information. At some point, they will say they have a friend who is a recruiter and suggest you send your resume—from your corporate email. Then, once the "fake" person can reach them through their corporate email address, they ask the target to open a malware-laden document, putting a company network at risk.

If you work for a company that uses social tools like LinkedIn, SecureWorks says your company should have a system in place whereby you can report any unusual or suspicious activity they receive from an unknown third party. They also suggest that individuals or organizations disable macros in Microsoft Office to mitigate the threat posed by malicious documents.

For consumers of all types, I highly recommend they be very cautious about whom they friend on any social media and never open a document from anyone unless it comes from a person you know and trust.

Read more

Check Also

Nvidia’s new Turing architecture is all about real-time ray tracing and AI

In recent days, word about Nvidia’s new Turing architecture started leaking out of the Santa Clara-based company’s headquarters. So it didn’t come as a major surprise that the company today announced during its Siggraph keynote the launch of this new architecture and three new pro-oriented workstation graphics cards in its Quadro family. Nvidia describes the new Turing architecture as “the greatest leap since the invention of the CUDA GPU in 2006.” That’s a high bar to clear, but there may be a kernel of truth here. These new Quadro RTx chips are the first to feature the company’s new RT Cores. “RT” here stands for ray tracing, a rendering method that basically traces the path of light as it interacts with the objects in a scene. This technique has been around for a very long time (remember POV-Ray on the Amiga?). Traditionally, though, it was always very computationally intensive, though the results tend to look far more realistic. In recent years, ray tracing got a new boost thanks to faster GPUs and support from the likes of Microsoft, which recently added ray tracing support to DirectX. “Hybrid rendering will change the industry, opening up amazing possibilities that enhance our lives with more beautiful designs, richer entertainment and more interactive experiences,” said Nvidia CEO Jensen Huang. “The arrival of real-time ray tracing is the Holy Grail of our industry.” The new RT cores can accelerate ray tracing by up to 25 times compared to Nvidia’s Pascal architecture, and Nvidia claims 10 GigaRays a second for the maximum performance. Unsurprisingly, the three new Turing-based Quadro GPUs will also feature the company’s AI-centric Tensor Cores, as well as 4,608 CUDA cores that can deliver up to 16 trillion floating point operations in parallel with 16 trillion integer operations per second. The chips feature GDDR6 memory to expedite things, and support Nvidia’s NVLink technology to scale up memory capacity to up to 96GB and 100GB/s of bandwidth. The AI part here is more important than it may seem at first. With NGX, Nvidia today also launched a new platform that aims to bring AI into the graphics pipelines. “NGX technology brings capabilities such as taking a standard camera feed and creating super slow motion like you’d get from a $100,000+ specialized camera,” the company explains, and also notes that filmmakers could use this technology to easily remove wires from photographs or replace missing pixels with the right background. On the software side, Nvidia also today announced that it is open sourcing its Material Definition Language (MDL). Companies ranging from Adobe (for Dimension CC) to Pixar, Siemens, Black Magic, Weta Digital, Epic Games and Autodesk have already signed up to support the new Turing architecture. All of this power comes at a price, of course. The new Quadro RTX line starts at $2,300 for a 16GB version, while stepping up to 24GB will set you back $6,300. Double that memory to 48GB and Nvidia expects that you’ll pay about $10,000 for this high-end card.

Leave a Reply

Your email address will not be published. Required fields are marked *

Disclaimer: Trading in bitcoins or other digital currencies carries a high level of risk and can result in the total loss of the invested capital. theonlinetech.org does not provide investment advice, but only reflects its own opinion. Please ensure that if you trade or invest in bitcoins or other digital currencies (for example, investing in cloud mining services) you fully understand the risks involved! Please also note that some external links are affiliate links.