#FactCheck-Viral Fire Video Falsely Linked to Hezbollah Strike on Israeli Military HQ

Executive Summary:
‍

The ongoing conflict between Iran and the US-Israel has entered its 19th day. Meanwhile, a video is being widely shared on social media claiming that Iran is carrying out continuous drone attacks at Dubai International Airport. The clip shows visuals of massive fire and explosion However, research by the CyberPeace has found the claim to be misleading. Our research revealed that the video has been available on the internet since 2020. In reality, the footage shows a fire at a market in Ajman, UAE, and not explosions at Dubai Airport in 2026. Although there were recent reports of a fire near DXB (Dubai Airport) following a drone attack, this video is not related to that incident.

‍

Claim:

‍

On social media platform X (formerly Twitter), a user shared the viral video on March 17, 2026, writing:

“Dubai International Airport – Iran is dropping drones continuously.”

‍

Post link, archive link, and screenshot are given below:
‍

• https://x.com/i/birdwatch/t/2033797729860935707?source=6 
• https://ghostarchive.org/archive/A6jAv 

‍

‍

‍

Fact Check:

‍

To verify the viral claim, we extracted keyframes from the video and conducted a reverse image search using Google Lens. During the research, we found the same video on a YouTube channel, where it was uploaded on August 6, 2020. The caption read: “Ajman fruits and vegetables market caught in fire.”

• https://www.youtube.com/shorts/0wUIORMK5x8 

‍

‍

Based on this clue, it became clear that the viral video has no connection with the ongoing Iran-US-Israel conflict. In the next step, we searched using relevant keywords and found a report published on August 5, 2020, on the website of Gulf News, which contained visuals similar to the viral video.

• https://gulfnews.com/uae/watch-fire-breaks-out-in-ajman-market-1.73002373 

‍

‍

According to the Gulf News report, a major fire broke out at a public market in the new industrial area of Ajman at around 6:30 pm. The blaze was later brought under control by Ajman Civil Defence with assistance from teams in Dubai, Sharjah, and Umm Al Quwain.

‍

Conclusion:

‍

Our research found that the viral video has been online since 2020 and shows a fire at a market in Ajman, UAE. It is not related to any recent incident at Dubai Airport.

‍

Introduction

‍

Raksha Bandhan is a cherished festival which is celebrated every year on the full moon day of the Hindu month of Shravan. It is a festival that represents the love, care, and protection that siblings share. This year, Raksha Bandhan falls on 09th August 2025. On this day, sisters tie a sacred thread known as Rakhi on their brothers' wrists as a symbol of love and protection, and in return, brothers promise to safeguard them in all walks of life. The origin of this festival traces back to the Mahabharata, when lord Krishna injured his finger. To bandage the wound, Draupadi, also known as Panchali, tore a piece of her saree and tied it on Krishna's finger. Krishna was touched by her selfless gesture and promised to always protect her, a promise he fulfilled during Drapadi’s time of greatest need. 

Today, in the evolving world driven by technology in all aspects of life, the nature of threats has evolved. In this digital age, physical safety alone is no longer enough. Alongside the traditional vow, there is now a growing need for another promise, the promise of Cyber Raksha (Cyber Safety). As we celebrate the spirit of Raksha Bandhan, this year also take the pledge of offering and taking care of the Cyber Suraksha of your sibling. 

‍

Ek Vaada Cyber Raksha ka 

‍

All the brothers and sisters share the bond of mutual care and responsibility. In the evolving threats of cybercrimes, they must understand the vulnerabilities they might face and the cyber safety tips they should be aware of to protect themselves. You must promise to guide, protect each other from online dangers, and help understand the importance of digital safety.  Hence, this Raksha Bandhan, let’s also tie a knot of cyber awareness, responsibility, and digital protection,  because true raksha in today’s age is not only about protection in the offline world, it is about protection in both the offline and online world. 

CyberPeace has curated the following best practices for you to consider in your life and also to share with your sisters and brothers.

‍

Password Security

‍

‍It is most important to realise that cybercrooks mostly have their eyes on your passwords to target and gain access to your accounts or information. Scammers try multiple ways to get access to your passwords by way of various methods such as OTP frauds, Fake login pages (spoofing), Social engineering, Credential stuffing, Brute-force attacks, phishing, etc. 

‍

Quick Tips 

‍

• Use strong passwords.
• Regularly update passwords.
• Use separate passwords for different accounts.
• Use secure & trusted password managers.
• Use two-factor authentication for an extra layer of security.
• Make sure not to save passwords on random devices.

‍

Social Media Security

‍

‍There are endless cyber scams that take place through social media, such as identity theft, cyberbullying, cyber stalking, online harassment, data leaks, suspicious links leading to phishing and malware, exposure to inappropriate content, etc. It becomes important for netizens to protect their accounts, data, and online presence on social media platforms from the growing cyber threats.

‍

Quick Tips

‍

• Review app permissions and do not give any unnecessary app permissions.
• Keep your account private or customise your privacy settings as per your needs.
• Be cautious while interacting with strangers.
• Do not click on any suspicious or unknown links.
• Make sure to log out in case you have to log in to your social media on an unfamiliar device, and update your password to prevent unauthorised access.
• Always use Two-Factor authentication for your social media accounts.
• Avoid sharing too much of your personal information on the public story or public posts. This can be used by cybercriminals for social engineering.
• Use the report & block function to protect yourself from spam accounts and unwanted interactions.
• If you encounter any issue, report it to the ‘Platform’s reporting mechanism at the ‘Help Centre’.
• One can also reach out to the platform’s grievance officer.

‍

Device Security

‍

In today’s world, the interconnectedness is unavoidable, your devices, be it smartphones, tablets, laptops are not just tools, they are digital extensions of yourself. They contain your discussions, recollections, private information, and frequently your financial and professional information. Safeguarding your devices in the digital world can be equated with safeguarding your physical possessions against undesirable encroachments. Just like a sibling would never let anyone invade your privacy, you too must promise to keep your devices secured against malicious threats like malware, spyware, ransomware, and unauthorized access.

‍

Quick Tips

‍

• Update your apps, browsers, and operating systems frequently; these updates frequently contain security vulnerabilities.
• Install reliable anti-virus and anti-malware software, then perform routine device scans.
• Do not download files or apps from unidentified sources.
• Avoid using open or unprotected public Wi-Fi for private activities like email or banking. 
• Employ screen locks (passwords, biometrics, or PINs) to stop unwanted physical access.
• Enable remote wipe or ‘find my Device’ functions in case your device is lost or stolen.

‍

Digital Payments Security

‍

‍Rakshabandhan is all about giving, but let’s not make it easy for cyber fraudsters to take! Convenience can come at a great cost. It often comes with a danger of fraud, phishing, and money-stealing schemes, as evidenced by the rise in digital payments and UPI transactions. But by being cautious, one can avoid being defrauded.  Whether you’re gifting a sibling online or shopping for festive deals, promise yourself and your loved ones that you’ll transact wisely and safely.

‍

Quick Tips

‍

• Never give out your bank credentials, CVV, OTP, or UPI PIN to anyone, even if they seem trustworthy before extensively verifying their credentials.
• Before completing a transaction, confirm the account information or UPI ID.
• Refund or payment links sent by WhatsApp accounts or unknown numbers should not be clicked. 
• Use only trusted apps (like BHIM, PhonePe, Google Pay, etc.) downloaded from official app stores.

‍

Email Security

‍

Your email serves as a key to your digital kingdom and serves as more than just a tool for communication. Your email frequently connects everything, from banking to social networking. Scammers use phishing assaults, malware attachments, and impersonation frauds to target it first.  Just like a sibling watches your back, watch your inbox. Make a vow not to fall for the digital bait.

‍

Quick tips

‍

• Never open attachments or links in emails that seem strange or suspicious.
• Subject lines that evoke fear, such as “Account Suspended,” “Urgent Action Required” should be avoided. 
• Verify the sender’s email address at all times because scammers frequently use little misspellings to deceive you.
• Set up two-factor authentication and create a secure, one of a kind password for your email accounts.
• Avoid using unprotected Wi-Fi networks or public computers to check your email.
• Avoid responding to spam emails or unsubscribing through dubious links as this could give the attacker your address. 

‍

Common scams to watch out for

‍

Festive deals scams

‍

As the festive season sales surge in India, so does the risk of cyber scams. Cyber crooks exploit the victims and urge them to share OTPs under the guise of preventing fraudulent activity, sharing malicious links to get sensitive information. 

‍

Mis-disinformation 

‍

The spread of mis-disinformation has surged on social media platforms. It spreads like wildfire across the digital landscape, and the need for effective strategies to counteract these challenges has grown exponentially in a very short period. ‘Prebunking’ and ‘Debunking’ are two approaches for countering the growing spread of misinformation online.

‍

Deepfake and Voice cloning scams

‍

By using the Deepfake technology, cybercriminals manipulate audio and video content which looks very realistic but, in actuality, is fake. Voice cloning is also a part of deepfake. To create a voice clone of anyone's, audio can be deepfaked too, which closely resembles a real one but, in actuality, is a fake voice created through deepfake technology. 

‍

Juice Jacking

‍

Cybercriminals can hack your phone using or exploiting some public charging stations, such as at airports, Malls, hotel rooms, etc. When you plug your cell phone into a USB  power charger, you may be plugging into a hacker. Juice jacking poses a security threat commonly at places that provide free charging stations for mobile devices. 

‍

Suspicious links & downloads

‍

Suspicious links & downloads can lead you to a phishing site or install malware into your system, which can even lead to compromise your device, expose sensitive data, and cause financial losses.

‍

Conclusion

‍

This Rakhi, ensure your and your sibling’s online safety and security by being cybersafe and smart. You can seek assistance from the CyberPeace Helpline at helpline@cyberpeace.net

‍

‍

Introduction
‍

How Generative Artificial Intelligence, or GenAI, is changing the employee workday is no longer limited to writing emails or debugging code, but now also includes analysing contracts, generating reports, and much more. The use of AI tools in everyday work has become commonplace, but the speed at which companies have adopted these technologies has created a new kind of risk. Unlike threats that come from an outside attacker, Shadow AI is created inside an organisation by a legitimate employee who uses unapproved AI tools to make their work more efficient and productive. In many cases, the employee is unaware of the potential security, data privacy, and compliance risks involved in using such tools to perform their job duties.
‍

What Is Shadow AI?

‍

Shadow AI is when individuals use AI tools at work that aren’t provided by the company, like tools or other software programs, without the knowledge or permission of the employer. Examples of shadow AI include:

‍

1. Using personal ChatGPT or other chatbot accounts to complete tasks at the office
2. Uploading business-related documents to online AI technologies for analysis or summarisation.
3. Copying proprietary source code into an online AI model for debugging
4. Installing browser extensions and add-ons that are not approved by IT or Security personnel.

‍

How Shadow AI Is Harmful

‍

1. Uncontrolled Data Exposure

When employees access or input information into their user-created AI, it becomes outside the controls of the company, such as both employee personal information and any third-party personal information, private company information (such as source code or contracts), and company internal strategies. After a user enters data into their user-created AIs, the company loses all ability to monitor how that data is stored, processed, or maintained. A data leak situation exists without a malicious cyberattack. The biggest risk of a data leak is not maliciousness but rather the loss of control and governance over sensitive data.

‍

2. Regulatory and Legal Non-Compliance

Data protection laws like GDPR, India’s Digital Personal Data Protection (DPDP) Act, HIPAA, and other relevant sectoral laws require businesses to process data in accordance with the law, to minimise the amount of data they use, and to be accountable for their actions. Shadow AI often results in the unlawful use of personal data due to a lack of a legal basis for the processing, unauthorised cross-border data transfers, and not having appropriate contractual protections in place with their AI service providers. Regulators do not see the convenience of employees as an excuse for not complying with the law, and therefore, the organisation is ultimately responsible for any violations that occur.

‍

3. Loss of Intellectual Property

Employees frequently use AI tools to speed up tasks involving proprietary information—debugging code, reviewing contracts, or summarising internal research. When done using unapproved AI platforms, this can expose trade secrets and intellectual property, eroding competitive advantage and creating long-term business risk.

‍

Real-Life Example: Samsung’s ChatGPT Data Leak

‍

In 2023, a case study exemplifying the Shadow AI risk occurred when Samsung Electronics placed a temporary ban on employee access to ChatGPT and other AI tools after reports from engineers revealed they were using ChatGPT to create debugging processes for internal source code and to summarise meeting notes. Consequently, confidential source code related to semiconductors was inadvertently uploaded onto a public AI platform. While there were no known incursions into the company’s system due to this incident, Samsung faced a significant challenge: once sensitive information is input into a public AI tool, it exists on external servers that are outside of the company’s purview or control.

As a result of this incident, Samsung restricted employee use of ChatGPT on corporate devices, issued a series of internal communications prohibiting the sharing of corporate data with public AI tools, and increased the urgency of their discussions regarding the adoption of secure, enterprise-level AI (artificial intelligence) solutions.

‍

What Organisations Are Doing Today

‍

Many organisations respond to Shadow AI risk by:

‍

1. Blocking access at the network level
2. Circulating warning emails or policies

‍

While these actions may reduce immediate exposure, they fail to address the root cause: employees still need AI to perform their jobs efficiently. As a result, bans often push AI usage underground, increasing Shadow AI rather than eliminating it.

‍

Why Blocking AI Does Not Work—Governance Does

‍

History has demonstrated that prohibition does not work - we see this when trying to block access to cloud storage, instant messaging and collaboration tools. Employees are forced to use personal devices and/or accounts when their employers block AI, which means employers do not have real-time visibility into how their employees are using these technologies, and creates friction with the security and compliance team as they try to enforce the types of tools their employees can use. Prohibiting AI adoption will not stop it from being adopted; it will just create a challenge for employers regarding how safe and responsible it is. The challenge for effective organisations is therefore to shift from denial and develop governance-first AI strategies aimed at controlling data usage, protection and security, rather than merely restricting access to a list of specific tools.

‍

Shadow AI: A Silent Legal Liability Under the GDPR

‍

Shadow AI isn't a problem for the Information Technology Department; it is a failure of Governance, Compliance and Law. By using AI tools that have not been approved as a result, the organisation processes personal data without a lawful basis (Article 6 of the General Data Protection Regulation (GDPR)), repurposes data for use beyond its original intent and in breach of the Purpose Limitation (Article 5(1)(b)), and routinely exceeds necessity and in breach of Data Minimisation (Article 5(1)(c)). The outcome of these actions is the use of tools that involve International Data Transfers Without Authorisation and are therefore in breach of Chapter V, and violate Article 32 because there are no enforceable safeguards in place. Most significantly, the failure to demonstrate Oversight, Logging and Control under Articles 5(2) and 24 constitutes a failure in Accountability. Therefore, from a Regulatory perspective, Shadow AI is not accidental and is not defensible.

The Right Solution: Secure and Governed AI Adoption

‍

1. Provide Approved AI Tools

‍

Employers have an obligation to supply business-approved AI technology for helping workers to be productive while maintaining maximum protections, like storing data separately and not using employees' data for training a model; defining how long data is kept, and the rules around deleting that data. When employees are provided with verified and secure AI options that align with their work processes, they will rely significantly less on Shadow AI.

‍

2. Enforce Zero-Trust Data Access

‍

The governance of AI systems must follow the principles of "zero trust," granting access to data only through the principle of "least privilege," which means that data access will only be allowed by the system user, and providing continuous verification of user-identity and context; this supports and helps establish context-aware controls to monitor and track all user activities, which will be especially important as agent-like AI systems become increasingly autonomous and are capable of operating at machine-speed where even small errors in configuration, will result in rapid and large expose to data.

‍

3. Apply DLP and Audit Logging

‍

It is important to have robust data loss prevention measures in place to protect sensitive data that is sent outside an organisation. The first end user or machine that accesses the data should be detailed in a comprehensive audit log that indicates when and how the data is accessed. In combination with other controls, these measures create accountability, comply with regulations, and assist with appropriately detecting and responding to incidents.

‍

4. Maintain Visibility Across AI, Cloud, and SaaS

‍

Security teams need unified visibility across AI tools, personal cloud applications, and SaaS platforms. Risks move across systems, and controls must follow the data wherever it flows.

Conclusion

‍

This new threat exposes an organisation to the risk of data loss through leaks, regulatory fines, liability for the loss of intellectual property, and reputational damage, all of which can occur without any intent to cause harm. The way forward is not to block AI, but to adopt a clear framework built on governance, visibility, and secure enablement. This approach allows organisations to use AI with confidence, while ensuring trust, accountability, and effective oversight to protect data and support AI in reaching its full transformative potential. AI use is encouraged, but it must be done responsibly, ethically, and securely.

‍

References 

‍

1. https://bronson.ai/resources/shadow-ai/
2. https://www.varonis.com/blog/shadow-ai
3. https://www.waymakeros.com/learn/gdpr-hipaa-shadow-ai-compliance-nightmare
4. https://www.forbes.com/sites/siladityaray/2023/05/02/samsung-bans-chatgpt-and-other-chatbots-for-employees-after-sensitive-code-leak/
5. https://www.usatoday.com/story/special/contributor-content/2025/05/23/shadow-ai-the-hidden-risk-in-todays-workplace/83822081007

‍