ITSecurity TrainingsecuritycomplianceSecurityThreats

Catfishing Illegal? Spearfishing on Steroids?

Threatpost has the story  in Utah legislation work.

 

Let’s explain some catfishing:

“The practice of catfishing often occurs in online dating or social-networking scenarios in which someone takes someone else’s personally identifiable information–such as photos, addresses, educational history or professions–to pretend to be that person to seem more attractive or interesting to people they meet online. It also serves to hide someone’s own identity in some way.”

So what happens is that criminals (and political actors in some countries) are posing as young girls to scam US armed forces people of money.  $560k was scammed in 2018

I am sure that you know the term ‘Phishing’: where an email comes in to lure you into clicking on links and/or attachments so that the criminal hacker can get something downloaded into your computer to perform the hacker’s goals. This term ‘catfishing’  has to do with the criminal hacker impersonating someone so that they can make you give them money  or other important information:

 

2017 “an APT with ties to the Iranian government also used a similar lure by creating an online identity called Mia Ash, who appeared to be a 20-something London-based photographer and amateur model with an interest in tech-savvy guys with ties to the oil and gas industry. The threat group used the persona to target telecommunications, government, defense, oil and financial services firms located in the Middle East and North Africa.somehow.”

 

remember an APT is an Advanced Persistent Threat , a special program to get installed on your computer which gives control to the criminal hacker (in this case middle east oil and gas workers.

Remember you are on the Internet, people are impersonating to be just about anything. Utah of all places is making this ‘illegal’. I am sure if another statute is read correctly it would say that is illegal as well. Utah has just made it specifically illegal (you cannot impersonate another person with their information).

Contact us to discuss working on your Security policy,

The book coming soon will help you in making a security policy, while discussing malware with phishing.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.