AN impersonation attack is a type of cybercrime where a criminal poses as a known person to either steal money or use the impersonation to destroy someone’s reputation.
It’s something taking place in the political arena in Trinidad and Tobago.
These impersonation attacks are targeted attacks where a malicious actor pretends to be someone else thereby posting malicious messages and content to destroy the person’s image.
Hackers attempt to trick the readers by making them believe it’s the person they know – most likely a political person.
The main purpose of these attacks is to discredit the target so that the person is humiliated and their reputation destroyed. This is attained by using their email or login credentials to leverage cyberattacks and gain unauthorized access to systems and networks.
Email Impersonation Attacks are more prevalent now as many ministers in the current government and opposition members of parliament have been hit recently by these types of attacks.
One of the most common methods of an impersonation attack is when a hacker pretends to be the person and posts false information on Facebook.
In contrast to mass email phishing attacks that end up in the spam folder, impersonation attacks are highly sophisticated and targeted attacks.
Email impersonation attacks often contain malicious messages or images and links that can take the user to a compromised or malicious website that contains malware.
If an account doesn’t have multi-factor authentication, the hacker can easily gain access through knowing the person’s email address and even use it for other account takeovers and identity theft. Many people also use the same password for multiple sites, making it easier for cybercriminals to access multiple sites and accounts from that user.
A cyber attacker who successfully executes a Man-in-the-Middle Attack (MITM) impersonation attack can eavesdrop, utilise, modify, embarrass, prevent communications, and steal sensitive info and login credentials. MITM attacks are also very difficult to detect, as there are no misspellings in the header or email address.
Recently, I was a victim of a terrible cyber attack like this and this has caused me much concern and distress, to me and my family. My email was used to create a Facebook page that I had nothing to do with; however, the page was politically motivated to humiliate and ridicule me as the creator of the page.
The page was called the PNM Cabal which happens to mimic another page on Facebook with the same name. I was not involved in the posting of the page nor was I involved in the creation of the page, yet it was widely publicised that I was.
For people who are faced with these types of attackers although it can be dehumanising, depriving someone of human qualities, personality, or dignity I’m hoping these tips I’m providing will assist them to avoid being exploited by a MITM attack, people should be aware of :
People need to stop or avoid using unprotected, public Wi-Fi networks (like hotels, airplanes, and coffee shops);
Avoid using unsecured, non-HTTPS websites (usually notified via a tab pop-up above the browser); and
Make sure you log out of a chat APP after a public session so you are not targeted.
The public themselves must be protected and must be informed on how to Recognize MITM Impersonation.
Unusual requests that pop up should be immediately flagged and sent to the network administrator for investigation or you should sit down your system immediately. Unless a request can be verified directly in person, no actions should be taken until there is a final way to confirm it by using direct communication with the person. IT security teams in offices or At businesses should employ active traffic and network monitoring to quickly detect unauthorized access from a MITM attack.
These are just some ways to protect yourself from these types of attacks and can keep someone from undue exposure, stress and anxiety not to mention a damaged reputation for the future.
Neil Gosine is an insurance executive. He is also the treasurer of the UNC and a former chairman of the National Petroleum Marketing Company of Trinidad and Tobago. He holds a Doctorate in Business Administration, a Master’s in Business Administration MBA, BSC in Mathematics and a BA in Administrative Studies. The views and comments expressed in this column are not necessarily those of AZP News, a Division of Complete Image Limited.
PNM Cabal: My Cyber Attack
AN impersonation attack is a type of cybercrime where a criminal poses as a known person to either steal money or use the impersonation to destroy someone’s reputation.
It’s something taking place in the political arena in Trinidad and Tobago.
These impersonation attacks are targeted attacks where a malicious actor pretends to be someone else thereby posting malicious messages and content to destroy the person’s image.
Hackers attempt to trick the readers by making them believe it’s the person they know – most likely a political person.
The main purpose of these attacks is to discredit the target so that the person is humiliated and their reputation destroyed. This is attained by using their email or login credentials to leverage cyberattacks and gain unauthorized access to systems and networks.
Email Impersonation Attacks are more prevalent now as many ministers in the current government and opposition members of parliament have been hit recently by these types of attacks.
One of the most common methods of an impersonation attack is when a hacker pretends to be the person and posts false information on Facebook.
In contrast to mass email phishing attacks that end up in the spam folder, impersonation attacks are highly sophisticated and targeted attacks.
Email impersonation attacks often contain malicious messages or images and links that can take the user to a compromised or malicious website that contains malware.
If an account doesn’t have multi-factor authentication, the hacker can easily gain access through knowing the person’s email address and even use it for other account takeovers and identity theft. Many people also use the same password for multiple sites, making it easier for cybercriminals to access multiple sites and accounts from that user.
A cyber attacker who successfully executes a Man-in-the-Middle Attack (MITM) impersonation attack can eavesdrop, utilise, modify, embarrass, prevent communications, and steal sensitive info and login credentials. MITM attacks are also very difficult to detect, as there are no misspellings in the header or email address.
Recently, I was a victim of a terrible cyber attack like this and this has caused me much concern and distress, to me and my family. My email was used to create a Facebook page that I had nothing to do with; however, the page was politically motivated to humiliate and ridicule me as the creator of the page.
The page was called the PNM Cabal which happens to mimic another page on Facebook with the same name. I was not involved in the posting of the page nor was I involved in the creation of the page, yet it was widely publicised that I was.
For people who are faced with these types of attackers although it can be dehumanising, depriving someone of human qualities, personality, or dignity I’m hoping these tips I’m providing will assist them to avoid being exploited by a MITM attack, people should be aware of :
The public themselves must be protected and must be informed on how to Recognize MITM Impersonation.
Unusual requests that pop up should be immediately flagged and sent to the network administrator for investigation or you should sit down your system immediately. Unless a request can be verified directly in person, no actions should be taken until there is a final way to confirm it by using direct communication with the person. IT security teams in offices or At businesses should employ active traffic and network monitoring to quickly detect unauthorized access from a MITM attack.
These are just some ways to protect yourself from these types of attacks and can keep someone from undue exposure, stress and anxiety not to mention a damaged reputation for the future.
Neil Gosine is an insurance executive. He is also the treasurer of the UNC and a former chairman of the National Petroleum Marketing Company of Trinidad and Tobago. He holds a Doctorate in Business Administration, a Master’s in Business Administration MBA, BSC in Mathematics and a BA in Administrative Studies. The views and comments expressed in this column are not necessarily those of AZP News, a Division of Complete Image Limited.