The U.S. FBI has issued a warning about an uptick in malicious actors using “deepfakes” (the manipulation of benign photographs or videos) to target victims in a new wave of sextortion schemes.
Looking into the dangers of this new form of attack upon everyday citizens, John Wilson, senior fellow of threat research at the cybersecurity company Fortra tells Digital Journal that it pays to be cautious.
Wilson explains: “Because everything can be spoofed, from websites and emails to phone numbers and caller IDs, it’s easy for trusting teens and even adults to be duped into believing they’re interacting with someone they know, or someone they admire and would like to know.”
Furthermore, there are many avenues to exploit: “Social media, email, games, chat rooms and cell phones give scammers plenty of ways to reach and extort individuals once they make a connection and establish trust.”
The different forms that scams can take are becoming more sophisticated. Wilson assesses: “Aside from deepfakes, there’s another type of sextortion scheme that doesn’t involve the exchange of explicit photos.”
With this example, Wilson dissects: “A scammer will send an email or direct social media message telling the child they’ve got access to their computer and webcam and have been recording them and the explicit sites they visit. The scammer threatens to tell the victim’s family and friends if they don’t send money. In actuality, the scammer doesn’t have access and is just hoping the victim is scared enough to pay up.”
Different demographic groups have varying levels of vulnerability, as Wilson notes: “Not everything and everyone is a threat, but kids and teens need a healthy level of suspicion in their interactions with unknown people and sites. Parental controls can only do so much.”
Wilson stresses the importance of having the “other” talk to help educate young people about how to navigate the Internet safely.
For concerned readers, Wilson advises:
Keep the lines of communication open
Your kids need to feel safe coming to you even if they’re in an awkward or embarrassing situation. If possible, start talking with them before they really get active online. Let them know you’ll figure out problems together.
Think carefully about photos
Reinforce that once a photo is shared, it cannot be controlled. Any image could wind up on a forum for all to see, including a Snapchat exchange captured as a screenshot. Remove location information from photos by updating the exchangeable image file (EXIF) data. And it might sound obvious, but ensure your kids know never to send nude photos. It could even be a felony if they’re underage.
Think before you post
Remind kids that what’s shared on the internet is permanent. That unseemly party pic they get tagged in at 17 could cost them a job five years later when a prospective employer does social media due diligence.
Don’t respond directly to inbound requests
The rule is if it’s inbound and unexpected, don’t give out any information. Hang up and verify contact information via a secondary channel before responding. Click on the sender’s name in the email header to view the actual domain. Many times, the sender isn’t who you think it is.
Practice what you preach Parents also need to be careful of how much information they post online about their families. Sharing the location of soccer practice and friends’ names is valuable intel for scammers to use in befriending kids with accurate details that build trust. Also review your social media account privacy settings and lock down access to your profile and posts so only trusted contacts can see them.