Tech Beat by Namecheap – 23 February 2023
Social engineering attacks are continually growing in sophistication, and one new form, in particular, is tricking its victims out of billions of dollars. Learn about the rise of ‘pig butchering’ scams and what you need to know.
In other news
- Google is expanding its ‘Pre-bunking’ campaign. Google plans to bring its video and photo campaign against online misinformation to Germany and India. According to Gizmodo, “pre-bunking” shows people how to distinguish false information and manipulated facts online before they are even exposed to them. The campaign shows short videos and photos in ad slots across platforms like YouTube, TikTok, Twitter, and Facebook. Studies from Cambridge and Bristol Universities found that after exposure to pre-bunking campaigns, people were 5% better, on average, at identifying common disinformation tactics. The tech giant first tested the campaign in the US, focusing on Covid-19 vaccine misinformation, later expanding to Poland, the Czech Republic, and Slovakia, addressing widely perpetuated false claims regarding Ukrainian refugees.
- Da Vinci pondered the question of gravity before Galileo and Newton. Leonardo da Vinci apparently beat Galileo Galilei by a century in working out the basic concept of gravity. A team of engineers who studied da Vinci’s backward writings in the Codex Arundel discovered that the famed artist, scientist, and inventor pondered the nature of gravity in the 15th century, Gizmodo reports. Using experiments involving pitchers, sand, and water, da Vinci sought to understand the relationship between the acceleration of the pitcher and falling objects affected by gravity. It is a testament to da Vinci’s multifaceted genius that his notebooks still contain undiscovered secrets for future scientists and art historians to discover.
- Multi-year hack impacted GoDaddy. Unknown attackers breached GoDaddy’s cPanel shared hosting environment in a multi-year campaign, stealing source code and installing malware on its servers. As reported in Bleeping Computer, the company discovered the security breach in early December 2022, following customer reports of their sites being used to redirect to random domains. While GoDaddy is working with external cybersecurity forensics experts and law enforcement agencies worldwide, the breach is linked to previous ones in November 2021 and March 2020. The company says it has evidence linking the attackers to a broader campaign that targeted other hosting companies worldwide over the years, indicating their goal is to infect websites and servers with malware for phishing campaigns, malware distribution, and other malicious activities.
- AI-powered chatbots causing chaos in the literary world. The popular sci-fi magazine Clarkesworld is temporarily halting short story submissions due to the recent surge in writers submitting stories written by AI, as reported in PC Magazine. The magazine’s editor, Neil Clarke, warned about AI-written works’ danger to the short-story ecosystem. Although he acknowledged in a blog post that AI stories demonstrated some obvious patterns, he declined to say more, noting that he had “no intention of helping those people become less likely to be caught.” We can only assume that as AI use continues to grow, many other literary markets may soon be forced to follow in Clarkesworld’s footsteps.
- Many top online stores are reckless with customer data. New research from Sansec has found that the poor security practices of many online stores put customers at risk of identity theft, extortion, and other cyber attacks. According to TechRadar, Sansec’s report found that 12% of stores analyzed potentially expose private customer data by storing backups in public folders. These backups contain sensitive data like personally identifiable customer information, database passwords, and secret administrator URLs. For online criminals on the lookout for potential victims, these public folders make it easy for them.
- Restricting AI use in warfare. Representatives from over 60 countries, including the US and China (but notably not Russia), gathered for the first Global Summit on Responsible Artificial Intelligence in the Military Domain (REAIM). As reported in The Register, the group signed a call to action to establish international military AI norms and address the challenges of AI unreliability and potential for escalation, and the need for human decision-making. Attendees at the summit hope that the creation of a Global Commission on AI will raise awareness of responsible military use of AI. The participants acknowledged that the use of AI in warfare poses a threat, and immediate action must be taken to avoid humanitarian disasters or war crimes.
- A robot rideshare? Amazon’s self-driving Zoox robotaxi is hitting public roads in northern California, offering a whole lot of sensors and a cube-like design, but zero steering wheels. For now, TechCrunch notes that the vehicles will only be available to Zoox employees, and will operate as a shuttle service between the company’s two main buildings in Foster City, California, a two-mile route. According to the CEO Aicha Evans, this is a complex route with several turns and traffic lights as well as pedestrians and bicyclists—which should serve as a warning to everyone walking or cycling in Foster City.
Tip of the week: Shop safe and utilize all security options online
With the news of innovative phishing efforts and hacks at popular online e-commerce sites, it’s worth a reminder to always take advantage of the security options websites provide.
- Enable multi-factor authentication if the website offers it.
- Always use strong passwords, and ensure each website password is unique.
- Do not give out your password or other account information to anyone who calls, texts, or emails you purporting to be with a company you have done business with.
- Change your passwords regularly, especially at financial institutions, email providers, domain and hosting providers, and large e-commerce sites.
- Always view investment and “get rich quick” schemes skeptically, even if they come from a seemingly trusted source.