Social engineering, and spyware threats to Syrian journalists

Updated:June 2015

Social engineering, and spyware threats to Syrian journalists

All sides in the Syrian conflict are developing new ways to spy on digital communications. Here's how to protect yourself.

 


Malware and spyware

Being targeted with malware and spyware is a growing trend in Syria, and journalists are often a prime target. Sometimes it’s because of the stories they’re working on. Often times it’s because of the contacts they may have. You may be targeted to access information, or so that a hacker can pretend to be you to target others.



People generally infect their own computers in one of three ways:
  • Downloading a disguised file from the internet;
  • Clicking on links which will secretly download malware without their knowledge;
  • Opening an attached file in an email that looks like something legitimate.
How to avoid infecting your computer
  • Keep your anti-malware regularly updated.
  • Check the size of the file being downloaded.
  • Make sure the file name matches what you through it should be.
  • Look it up. Can you find warnings about this file by entering its name in a search engine?
  • Use genuine software; unregistered or pirated software can sometimes be fake, or could be carrying hidden malware.
  • Download it using official links from the software maker. This includes pay-for software or open source and free software.
GET MORE FROM CYBER ARABS
   

 

Social engineering

Social engineering happens when another person tricks you into doing something you wouldn’t want to do on the internet in order to hack your computer or mobile or those of people you know. The goal is one of two things:
 
  1. To get you to download software that will spy on you.
  2. To get you to accidently reveal enough information that lets them find your password or take over your accounts.


This is increasingly common practice in Syria. Someone may try to convince you that you’ve met them somewhere before. Or they could try to befriend you by saying they saw your profile online and wanted to chat. Eventually, they’ll want to ask you more and more personal information, or will offer you a file to download. Don’t do it! How to avoid being socially engineered:
 
  • Be suspicious of new contacts online. Don’t automatically accept new friends you don’t know on Facebook or other social sites.
  • Increase your privacy settings on social networks so that it’s harder to find your or to find out more about you unless you’ve got a number of mutual friends in common.
  • Ask a lot of questions about the person. If they say that you’ve got a mutual friend, check with that person through another method, like calling them.
  • Never download anything from someone you’ve just met online or from anyone you’re not expecting a download from.
  • Don’t add strangers to your Skype, WhatsApp or Viber accounts and be suspicious of un-invited contacts.
  • Never pass on any confidential information to someone you’ve never met in person. Always consider: who is this person? How do I know them? Why would they be asking for this?


GET MORE FROM CYBER ARABS
 
Created: April 2015

Help us be a better resource!

Give us feedback about this page. What was helpful here, or what could be included to make it more useful?

Create a comment
Create a Comment
  • Security code

This website uses cookies. For more information about these please click here.
By continuing to browse you consent to the use of cookies

News letter sign up