In some countries in the world, criminal organizations kidnap poor devils and force
them to send out scams seventeen hours a day, said Nathaniel Gleicher, global
head of counter fraud at Meta, this week at the annual ONE Conference
in The Hague.

Meta, the parent company of Facebook, Instagram and WhatsApp, among others, is not
exactly the darling of privacy-minded citizens. But what Gleicher had to say at
this conference matters. Because let the above sink in for a moment: people are
being held against their will to bombard you, with bags under their red-rimmed
eyes, with deceptive messages. In my world, scam refers to deception via false
messages. For example, that text message about a troubled delivery, a WhatsApp message
that starts with "Hi dad, I have a new phone number" or an email in
which "the bank" announces a security check for which they need your
cooperation. In short, pretty much everything that can be classified as
phishing.

The reprehensible activities of cybercriminals are a problem for Gleicher, because they
abuse his platforms. And apart from the moral obligation to do something about
it, Meta also has a clear business interest here: if users are confronted with
fraud on Instagram over and over again, they will eventually stay away, or at
the very least they will become so suspicious that they will no longer click on
anything, not even on bona fide contributions. And that means a loss of revenue.

Meta divides fraud and scams into three types of problems: actors, behavior, and
content. Actors include everything that has to do with false identity: you
think a message is from a friend or a celebrity, but in fact there is a
criminal behind it. Behavior includes everything a criminal does: deception,
spam, even playing on your (romantic) feelings. The content type of problem
encompasses celebrity bait, financial deals and charity, to name a few.

Gleicher wants to combat this vigorously, but his billions of normal, well-intentioned
users should not suffer too much from it, because that would be bad for
business. And so he focuses on the malicious ones. An important part of that is
taking down fake accounts as quickly as possible. To do that, they look at the
behavior of an account. For example, if a biography states that you live in the
Netherlands, but all activity comes from a country far away, that is a red
flag. And they use artificial intelligence to detect whether someone is
misusing photos of celebrities. Think of a photo of Elon Musk with a golden tip
to purchase bitcoins 'via this link'.

Criminals use mechanisms that are intended for honest people. Did you forget your
password? Then click on a link and you can set a new password via the email
sent to you. But if a criminal has hacked your email, he can do so on your
behalf (it is therefore important to realize that your email is by far your
most important account). Meta is trying to put a stop to this with innovative
developments. For example, they are currently piloting a new method for account
recovery: you have to supply a new selfie, which they compare to photos in your
profile. The idea behind this is that criminals cannot simply get a fresh
selfie of you.

Scams run across multiple layers, such as social media and banks. This makes it
difficult for one party alone to recognize scams. At the ONE Conference,
Gleicher announced the FIRE program (Fraud Intelligence Reciprocal Exchange),
in which British and Australian banks provide information to Meta. In an
earlier phase of the program, this had already led to the removal of some
20,000 fake accounts.

The British talk about throwing a spanner in the works, the Americans throw a
wrench, but the Dutch throw sand. Hence the title of this blog post: Meta throws
as much sand as possible in the works of internet criminals. You could say that
Gleicher is the sandman of social media.
And in the big bad world…
- Meta still has a long way to go. [DUTCH]
- Meta has been heavily fined for insecurely storing millions of passwords.
- American customers of Kaspersky, which has since been banned there, were given an unsolicited installation of a different virus scanner.
- A British nuclear complex has been fined over cybersecurity shortcomings.
- Many solar panel inverters contain a default password, rendering them vulnerable. [DUTCH]
- The Netherlands Cybercrime Monitor has been published. [DUTCH]
- The Netherlands withheld its support for the European CSAM proposal, which aims to combat child pornography by monitoring all devices. [DUTCH]
- Of course, even the police employ people who do not recognize all phishing.
- Police officers were on the payroll of an American cybercriminal.
- You may not need a VPN at all.