For some, spoofing is just a bit of fun; watching videos of world leaders singing ridiculous songs draws plenty of laughs, even if we know they’re not real. As with most things though, not everyone’s in it for the giggles. There are some bad apples out there with the skill to make people not just question whether something is true or not, but outright convince them.
This is why MITA has come up with an entire campaign dedicated to the theme of not believing all you see. And they did it in a most innovative way too, taking one of Malta’s most recognizable faces and using a most natural duplicate!
Brothers in arms
How better to show the dangers of spoofing by having Frank from Nate, Frank & Rossi appear on screen with his twin brother Timmy, who also happens to be the Cybercrime Police Inspector? Standing together apart in a split-screen, the two speak of the dangers of spoofing and how to spot whether something is genuine or not.
They also mention how it’s up to us to avoid spreading misinformation, where prior to sharing links, we should verify whether the source is authentic, as otherwise, there can be some pretty dire consequences for those around us.
What is spoofing exactly though?
A spoofing attack in the digital world is when one with bad intentions pretends to be someone or something else in a bid to gain someone else’s trust. Normally, it consists of two elements, the first being spoof material, such as a fake website or e-mail. The next is where the real human deviousness comes in.
In what is referred to as social engineering, our own instincts are used against us, as the impostor gets the victim or victims to act against their better nature and in favour of the impostor’s. One example would be an e-mail that was supposedly sent by a senior employee within a company, requesting payment or settlement of outstanding bills.
Seeing similar messages seemingly come from people in positions of power, or authorities we rely on already puts us in a certain mindset. What the attacker will then do is use psychological manipulation to instil a sense of fear, reputational damage as well as destabilization. All of this put together can leave a person bewildered and even afraid to seek help.
So, what can we do, before and after attacks have happened?
Do’s, don’ts and what to look out for
Thankfully, MITA has come up with a handy list of things not to do, what to do and of course, what to be on the lookout for. All of this might seem pretty standard to some, but the truth is that not only does it need to be shouted louder for everyone to hear, but anyone can get caught off-guard.
Don’ts
Do not click on links or open attachments from unfamiliar sources.
Do not answer emails or calls from unrecognized senders.
Do not give out personal information online.
Do’s
Where possible, set up two-factor authentication.
Use strong passwords; use password managers to ensure you keep yours safe and sound
Review your online privacy settings.
Keep your network and software up to date.
In terms of things to keep an eye out for, if you see a website, e-mail or message with incorrect spelling and grammar, there’s a chance that’s it’s a spoof attack. If it’s coming from an entity or authority, check for strange or distorted logos, images, colours, branding or missing content. Keep in mind that these malevolent agents are good at what they do and what is fake appears more real by the day.
Should you suspect a spoofing attack, or have already fallen victim to one, make sure to get in touch with the relevant authorities and make a report You can save yourself and many others a world of trouble.
Share this article and spread awareness!
