From April to June 2023, civil society organizations and activists were regularly attacked — from phishing attacks to restrictions on social media accounts. During this period, Digital Security Lab recorded 13 such incidents. Some of them were successful.
Let us present the examples of such attacks and provide recommendations on how to avoid the danger.
Among the identified incidents: 5 phishing attacks, 3 attempts to hack accounts (1 successful), 5 restrictions on social networks: 2 due to violations, 3 due to social network malfunctions.
Phishing
We recorded 5 phishing attacks: 4 of them contained a link to a phishing site, and 1 contained a malware file.
For example, one of the investigative journalists received 3 phishing emails at once (we consider this to be one incident) with the same link. The letter reported an attempt to log into the Google account from Russia and offered to change the password. The link led to a phishing site with a password reset form.
Other groups of investigative journalists received an almost identical letter in February and November 2022.
Recommendations: If you receive a message about an unknown login to your account, you can make sure if it is true in active sessions. Moreover, some social networks (Facebook, Instagram) allow checking security emails in the security settings. In Google’s security settings, you can view “Recent suspicious activity.”
Account hacking
We recorded 3 attempts of hacking on social networks. 1 of them was successful — the attackers gained access to the Viber account, probably due to the interception of SMS. After the attackers gained access, they turned on two-factor authentication — this made it impossible to return the account to the real owner.
Recommendations:
Use two-factor authentication in messengers. Remember to add a backup email address in case you lose your password.
Social media restrictions
Restrictions on social media continue. It is probably still happening en masse, but we’ve been contacted twice this quarter regarding the issue. Facebook bugs were also reported. Thus, we have recorded 3 cases where users could not access the account: they were logged out and could not log back into the account.
Recommendations: In case of restrictions, be sure to appeal and contact support. Unless it works, you can contact the Digital Security Lab (we only work with the media, civil society activists, human rights defenders, and volunteers).
Disclaimer: the material only contains the incidents that the Digital Security Lab worked with or encountered from April to June 2023.