This blog was written by an independent guest blogger.
The rise of social media has no doubt been one of the major revolutions of the 21st century. It’s brought about a whole new way for people to connect and share information with others, regardless of their geographical locations. But along with these more noble intentions of social media, there will always be abuse of these platforms – and one of the big ones is the spread of disinformation.
dis·in·for·ma·tion | \ (ˌ)dis-ˌin-fər-ˈmā-shən \
Definition of disinformation
: false information deliberately and often covertly spread (as by the planting of rumors) in order to influence public opinion or obscure the truth
Cybercriminals also use this tactic as a way to spread fear or force less scrupulous members of the public down a route that furthers their own agendas, or indeed defrauds them. A classic example of this is the COVID-19 pandemic. In March, the Telco Security Alliance identified a 2000% increase in COVID related IoCs in its report. One notable tactic used was cybercriminals attempting to impersonate the CDC to get users to take a test or download malicious executables.
While these email fraud attempts on their own might not seem like they would be effective to the discerning recipient, combine them with the barrage of social media posts these people might see in a given day – and you have what psychologists call an “illusory truth effect”. This refers to the phenomenon where people start to believe statements they see repeated time and again more than non-repeated ones. The more a person sees a piece of information, the more likely there are to start believing that it’s true. So, when we look at the COVID-19 scenario – just consider how much information gets repeated daily online and on social media in relation to vaccines and so-called “cures”. Now say that user has seen these pieces of disinformation repeatedly within their social networks posted by people they trust – combined with the fear they may already be feeling about the situation – s/he will be more vulnerable to attempts by cybercriminals to defraud them.
This has huge impacts on the general public, as well as organizations whose employees all have potentially exploitable email addresses and mobile devices and is a topic that will be explored more in-depth during Security Serious Week: Action Against Disinformation taking place 26th – 30th October 2020. You can also catch AT&T Cybersecurity’s own Theresa Lanowitz on Thursday 29th October on the panel discussion: Duped, Deluded, Deceived: How Disinformation Defrauds You. The virtual panel session will unpack how cybercriminals use disinformation to manipulate individuals and how we can protect employees from falling foul of these attempts.