#FactCheck -AI-Generated Video Falsely Shows Cristiano Ronaldo Chanting “Free Palestine

Introduction

In todays time, we can access any information in seconds and from the comfort of our homes or offices. The internet and its applications have been substantial in creating an ease of access to information, but the biggest question which still remains unanswered is Which information is legit and which one is fake? As netizens, we must be critical of what information we access and how.

Influence of Bad actors

The bad actors are one of the biggest threats to our cyberspace as they make the online world full of fear and activities which directly impact the users financial or emotional status by exploitaing their vulnerabilities and attacking them using social engineering. One such issue is website spoofing. In website spoofing, the bad actors try and create a website similar to the original website of any reputed brand. The similarity is so uncanny that the first time or occasional website users find it very difficult to find the difference between the two websites. This is basically an attempt to access sensitive information, such as personal and financial information, and in some cases, to spread malware into the users system to facilitate other forms of cybercrimes. Such websites will have very lucrative offers or deals, making it easier for people to fall prey to such phoney websites In turn, the bad actors can gain sensitive information right from the users without even calling or messaging them.

The Incident

A Noida based senior citizen couple was aggreved by using their dishwasher, and to get it fixed, they looked for the customer care number on their web browser. The couple came across a customer care number- 1800258821 for IFB, a electronics company. As they dialed the number and got in touch with the fake customer care representative, who, upon hearing the couple’s issue, directed them to a supposedly senior official of the company. The senior official spoke to the lady, despite of the call dropping few times, he was admant on staying in touch with the lady, once he had established the trust factor, he asked the lady to download an app which he potrayed to be an app to register complaints and carry out quick actions. The fake senior offical asked the lady to share her location and also asked her to grant few access permissions to the application along with a four digit OTP which looked harmless. He further asked the kady to make a transaction of Rs 10 as part of the complaint processing fee. Till this moment, the couple was under the impression that their complaimt had been registred and the issue with their dishwasher would be rectified soon.

The couple later at night recieved a message from their bank, informing them that Rs 2.25 lakh had been debited from their joint bank account, the following morning, they saw yet another text message informing them of a debit of Rs 5.99 lakh again from their account. The couple immediatly understood that they had become victims to cyber fraud. The couple immediatly launched a complaint on the cyber fraud helpline 1930 and their respective bank. A FIR has been registerd in the Noida Cyber Cell.

How can senior citizens prevent such frauds?

Senior citizens can be particularly vulnerable to cyber frauds due to their lack of familiarity with technology and potential cognitive decline. Here are some safeguards that can help protect them from cyber frauds:

• Educate seniors on common cyber frauds: It’s important to educate seniors about the most common types of cyber frauds, such as phishing, smishing, vishing, and scams targeting seniors.
• Use strong passwords: Encourage seniors to use strong and unique passwords for their online accounts and to change them regularly.
• Beware of suspicious emails and messages: Teach seniors to be wary of suspicious emails and messages that ask for personal or financial information, even if they appear to be from legitimate sources.
• Verify before clicking: Encourage seniors to verify the legitimacy of links before clicking on them, especially in emails or messages.
• Keep software updated: Ensure seniors keep their software, including antivirus and operating system, up to date.
• Avoid public Wi-Fi: Discourage seniors from using public Wi-Fi for sensitive transactions, such as online banking or shopping.
• Check financial statements: Encourage seniors to regularly check their bank and credit card statements for any suspicious transactions.
• Secure devices: Help seniors secure their devices with antivirus and anti-malware software and ensure that their devices are password protected.
• Use trusted sources: Encourage seniors to use trusted sources when making online purchases or providing personal information online.
• Seek help: Advise seniors to seek help if they suspect they have fallen victim to a cyber fraud. They should contact their bank, credit card company or report the fraud to relevant authorities. Calling 1930 should be the first and primary step.

Conclusion

The cyberspace is new space for people of all generations, the older population is a little more vulnerble in this space as they have not used gadgets or internet for most f theur lives, and now they are dependent upon the devices and application for their convinience, but they still do not understand the technology and its dark side. As netizens, we are responsible for safeguarding the youth and the older population to create a wholesome, safe, secured and sustainable cyberecosystem. Its time to put the youth’s understanding of tech and the life experience of the older poplaution in synergy to create SoPs and best practices for erradicating such cyber frauds from our cyberspace. CyberPeace Foundation has created a CyberPeace Helpline number for victims where they will be given timely assitance for resolving their issues; the victims can reach out the helpline on +91 95700 00066 and thay can also mail their issues on helpline@cyberpeace.net.

Introduction

Ransomware is one of the serious cyber threats as it causes consequences such as financial losses, data loss, and reputation damage. Recently in 2023, a new ransomware called Akira ransomware emerged or surfaced. It has targeted and affected various enterprises or industries, such as BSFI, Construction, Education, Healthcare, Manufacturing, real estate and consulting, primarily based in the United States. Akira ransomware has targeted industries by exploiting the double-extortion technique by exfiltrating and encrypting sensitive data and imposing the threat on victims to leak or sell the data on the dark web if the ransom is not paid. The Akira ransomware gang has extorted a ransom ranging from $200,000 to millions of dollars.

Uncovering the Akira Ransomware operations and their targets

Akira ransomware gang has gained unauthorised access to computer systems by using sophisticated encryption algorithms to encrypt the Data. When such an encryption process is completed, the affected device or network will not be able to access its files or use its data.

The affected files by Akira ransomware showed the extension named “.akira”, and the file’s icon shows blank white pages. The Akira ransomware has developed a data leak site so as to extort victims.  And it has also used the ransom note named “akira_readme.txt”.

Akira ransomware steeled the corporate data of various organisations, which the Akira ransomware gang used as leverage while threatening the affected organisation with high ransom demands. Akira Ransomware gang threaten the victims to leak their sensitive data or corporate data in the public domain if the demanded ransom amount is not paid. Akira ransomware gang has leaked the data of four organisations and the size ranges from 5.9GB to 259 GB of data leakage.

Akira Ransomware gang communicating with Victims

The Akira ransomware has provided a unique negotiation password to each victim to initiate communication. Where the ransomware gang deployed a chat system for the purpose of negotiation and demanding ransom from the affected organisations. They have deployed a ransom note as akira_readme.txt so as to provide information as to how they have affected the victim’s files or data along with links to the Akira data leak site and negotiation site.

How Akira Ransomware is different from Pegasus Spyware

Pegasus, developed in the year 2011, belongs to one of the most powerful family of spyware. Once it has infected, it can spear your phone and your text messages or emails. It has the ability to turn your phone into a surveillance device, from copying your messages to harvesting your photos and recording calls. In fact, it has the ability to record you through your phone camera or record your conversation by using your microphone, it also has the ability to track your pinpoint location. In contrast, newly Akira ransomware affects encrypting your files and preventing access to your Data and then asking for ransom n the pretext of leaking your data or for decryption.

How to recover from malware attacks

If affected by such type of malware attack, you can use anti-malware tools such as SpyHunter 5 or Malwarebytes to scan your system. These are the security software which can scan your system and remove suspicious malware files and entries. If you are unable to perform the scan or antivirus in normal mode due to malware in your system, you can use it in Safe Mode. And try to find a relevant decryptor which can help you to recover your files. Do not fall into a ransomware gang’s trap because there is no guarantee that they will help you to recover or will not leak your data after paying the ransom amount.

Best practices to be safe from such ransomware attacks

Conclusion

The Akira ransomware operation poses serious threats to various organisations worldwide. There is a high need to employ robust cybersecurity measures to safeguard networks and sensitive data. Organisations must ensure to keep their software system updated and backed up to a secure network on a regular basis. Paying the ransom is illegal mean instead you should report the incident to law enforcement agencies and can consult with cybersecurity professionals for the recovery method.

Introduction

Phone farms refer to setups or systems using multiple phones collectively. Phone farms are often for deceptive purposes, to create repeated actions in high numbers quickly, or to achieve goals. These can include faking popularity through increasing views, likes, and comments and growing the number of followers. It can also include creating the illusion of legitimate activity through actions like automatic app downloads, ad views, clicks, registrations, installations and in-app engagement. 

A phone farm is a network where cybercriminals exploit mobile incentive programs by using multiple phones to perform the same actions repeatedly. This can lead to misattributions and increased marketing spends. Phone farming involves exploiting paid-to-watch apps or other incentive-based programs over dozens of phones to increase the total amount earned. It can also be applied to operations that orchestrate dozens or hundreds of phones to create a certain outcome, such as improving restaurant ratings or App Store Optimization(ASO). Companies constantly update their platforms to combat phone farming, but it is nearly impossible to prevent people from exploiting such services for their own benefit.

How Do Phone Farms Work?

Phone farms are a collection of connected smartphones or mobile devices used for automated tasks, often remotely controlled by software programs. These devices are often used for advertising, monetization, and artificially inflating app ratings or social media engagement. The software used in phone farms is typically a bot or script that interacts with the operating system and installed apps. The phone farm operator connects the devices to the Internet via wired or wireless networks, VPNs, or other remote access software. Once the software is installed, the operator can use a web-based interface or command-line tool to schedule and monitor tasks, setting specific schedules or monitoring device status for proper operation.

Modus Operandi Behind Phone Farms 

Phone farms have gained popularity due to the growing popularity and scope of the Internet and the presence of bots. Phone farmers use multiple phones simultaneously to perform illegitimate activity and mimic high numbers. The applications can range from ‘watching’ movie trailers and clicking on ads to giving fake ratings and creating false engagements. When phone farms drive up ‘engagement actions’ on social media through numerous likes and post shares, they help perpetuate a false narrative. Through phone click farms, bad actors also earn on each ad or video watched. Phone farmers claim to use this as a side hustle, as a means of making more money. Click farms can be modeled as companies providing digital engagement services or as individual corporations to multiply clicks for various objectives. They are operated on a much larger scale, with thousands of employees and billions of daily clicks, impressions, and engagements.

The Legality of Phone Farms 

The question about the legality of phone farms presents a conundrum. It is notable that phone farms are also used for legitimate application in software development and market research, enabling developers to test applications across various devices and operating systems simultaneously. However, they are typically employed for more dubious purposes, such as social media manipulation, generatiing fake clicks on online ads, spamming, spreading misinformation, and facilitating cyberattacks, and such use cases classify as illegal and unethical behaviour.

The use of the technology to misrepresent information for nefarious intents is illegitimate and unethical. Phone farms are famed for violating the terms of the apps they use to make money by simulating clicks, creating multiple fake accounts and other activities through multiple phones, which can be illegal. 

Furthermore, should any entity misrepresent its image/product/services through fake reviews/ratings obtained through bots and phone farms and create deliberately-false impressions for consumers, it is to be considered an unfair trade practice and may attract liabilities. 

CyberPeace Policy Recommendations

CyberPeace advocates for truthful and responsible consumption of technology and the Internet. Businesses are encouraged to refrain from using such unethical methods to gain a business advantage and mimic fake popularity online. Businesses must be mindful to avoid any actions that may misrepresent information and/ or cause injury to consumers, including online users. The ethical implications of phone farms cannot be ignored, as they can erode public trust in digital platforms and contribute to a climate of online deception. Law enforcement agencies and regulators are encouraged to keep a check on any illegal use of mobile devices by cybercriminals to commit cyber crimes. Tech and social media platforms must implement monitoring and detection systems to analyse any unusual behaviour/activity on their platforms, looking for suspicious bot activity or phone farming groups. To stay protected from sophisticated threats and to ensure a secure online experience, netizens are encouraged to follow cybersecurity best practices and verify all information from authentic sources.

Final Words

Phone farms have the ability to generate massive amounts of social media interactions, capable of performing repetitive tasks such as clicking, scrolling, downloading, and more in very high volumes in very short periods of time. The potential for misuse of phone farms is higher than the legitimate uses they can be put to. As technology continues to evolve, the challenge lies in finding a balance between innovation and ethical use, ensuring that technology is harnessed responsibly. 

References

• https://www.branch.io/glossary/phone-farm/
• https://clickpatrol.com/phone-farms/
• https://www.airbridge.io/glossary/phone-farms#:~:text=A%20phone%20farm%20is%20a,monitor%20the%20tasks%20being%20performed
• https://innovation-village.com/phone-farms-exposed-the-sneaky-tech-behind-fake-likes-clicks-and-more/

‍