Cybersecurity Alerts

Cybersecurity alerts provide timely information about current security issues, vulnerabilities, and threats. If you are a B.C. Public Service employee and believe your system may be compromised or at risk, please contact the 7-7000 Service Desk via email or phone 1-866-660-0811, option 3.

Security Alerts


 

SEPTEMBER 21  |  SUBJECT: (Attention <your name>) | Re-authenticate 2 Factor Authentication (2Fa) | 09/19/2023

You may have received an email earlier from senders:

ryu@lime.plala.or.jp

toshi.nezawa@nifty.com

sakaki25@ballade.plala.or.jp

hashimoto@oasharp.co.jp

kobayashi.yoshimi@white.plala.or.jp

sodeyama.pr@lime.plala.or.jp

kawamitu@lime.plala.or.jp

bimschas@cwbrons.de

With the subject line “(Attention <your name>) | Re-authenticate 2 Factor Authentication (2Fa) | 09/19/2023” please note the dates and times varies between each email.  This email contained a link prompting you to click on it and provide your credentials.   This email is malicious and should be deleted.

 

SEPTEMBER 20  |  SUBJECT: Benefit package : Compensation Adjustment, Salary-Increase, Insurance Revision for <your name>

You may have received an email earlier today from HR-Payroll-Gov <info@pondmum.com> with a subject line of “Benefit package : Compensation Adjustment, Salary-Increase, Insurance Revision for <your name>”. This email contained a link prompting you to click on it and provide your credentials. This email is malicious and should be deleted.

If you clicked and DID provide your credentials, please immediately change your password to something completely different if possible from a different workstation and contact Security Investigations. If you clicked on the link but DID NOT provide your credentials, you do NOT need to take further action.

 

SEPTEMBER 19  |  SUBJECT: (Attention <your name>) | Re-authenticate 2 Factor Authentication (2Fa) | 09/19/2023

You may have received an email today or last week from senders iimura@sstkyokai.co.jp, bimschas@cwbrons.de, uda@pwrc.or.jp, soumu@pwrc.or.jp, credso@aminoresq.com, koarai@rm.med.tohoku.ac.jp, support@merca20.com, sales@logic-research.co.jp, or themir@mg.themirrorllc.com with a subject line of “(Attention <your name>) | Re-authenticate 2 Factor Authentication (2Fa) | 09/19/2023”. This email contained a link prompting you to click on it and provide your credentials. This email is malicious and should be deleted.

If you clicked and DID provide your credentials, please immediately change your password to something completely different if possible from a different workstation and contact Security Investigations. If you clicked on the link but DID NOT provide your credentials, you do NOT need to take further action.

 

SEPTEMBER 19  |  SUBJECT: Review and Sign Gov Files

You may have received an email earlier today from nelton.smith@efinancialcareers.com with a subject line of “Review and Sign Gov Files”. This email contained a link prompting you to click on it and provide your credentials. This email is malicious and should be deleted.

If you clicked and DID provide your credentials, please immediately change your password to something completely different if possible from a different workstation and contact Security Investigations. If you clicked on the link but DID NOT provide your credentials, you do NOT need to take further action.

 

SEPTEMBER 19  |  SUBJECT(S): "Re: CONGRATULATIONS! You have won an iPhone 15 Pro" or "Re: Congratulations on being a valued client!"

You may have received an email earlier from an email address 8alWEpn8alWEpn@Ahmedkkk3.onmicrosoft.com or a similar email address ending with @Ahmedkkk5.onmicrosoft.com with a subject line of “Re: CONGRATULATIONS! You have won an iPhone 15 Pro” or “Re: Congratulations on being a valued client!”. This email contained a link prompting you to click on it and provide your credentials. This email is malicious and should be deleted.

If you clicked and DID provide your credentials, please immediately change your password to something completely different if possible from a different workstation and contact Security Investigations. If you clicked on the link but DID NOT provide your credentials, you do NOT need to take further action.


Vulnerability Reports

17th-23rd

N23-403 Red Hat Openstack Undercloud Vulnerability

N23-402  Kubernetes service for notebooks in RHODS

N23-401  Red Hat Single Sign-On for OpenShift Vulnerability

N23-400 Trend Micro Apex One (on-prem and SaaS) Vulnerability

N23-399 Linux Kernel Below or Equal to 54 Vulnerability

N23-398 Apple Security Advisory

N23-397 MongoDB Server running on Windows or macOS Vulnerability

N23-396 Atlassian September Security Bulletin

N23-395 ISC Releases Security Advisories for BIND 9

N23-394 Drupal Core Cache Poisoning Vulnerability

N23-393 Python through 3.9.1 multiple Vulnerabilities

N23-392 Apache Calcite Vulnerability

N23-391 Microsoft Edge Elevation of Privilege Vulnerability

N23-390 OpenStack Vulnerability

N23-389 Red Hat Security Advisory

N23-388 Apple Security Advisory

N23-387 Apache Airflow prior to 1.10.11 Vulnerability

N23-386 Apache Airflow HDFS Provider prior to 4.1.1 Vulnerability

N23-385 Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 Vulnerability

N23-384 Linux kernel before 6.3.4. Vulnerability

N23-383 Ubuntu security advisory (AV23-558)


10th-16th

N23-382 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Security Advisory

N23-381 Palo Alto Networks security advisory (AV22-553)

N23-380 Red Hat security advisory (AV23-552)

N23-379 Fortinet security advisory (AV23-551)

N23-378 Mozilla security advisory (AV23-550)

N23-377 Google Chrome security advisory (AV23-549)

N23-376 Microsoft Edge security advisory

N23-375 Microsoft security advisory – September 2023

N23-374 Adobe security advisory (AV23-546)

N23-373 SAP Security Advisory

N23-372 Google Chrome Security Advisory

N23-371 Ubuntu Security Advisory

1st-9th

N23-370 Apple Security Advisory

N23-369 HPE Security Advisory

N23-368 Cisco Security Advisory

N23-367 Google Security Advisory

N23-366 Android Security Advisory

N23-365 Microsoft Edge Security Advisory

N23-364 Ivanti Security Advisory

27th- 31st

N23-363 FortiOS Security Advisory

N23-362 VMware Security Advisory

N23-361 Mozilla Foundation Thunderbird Security Advisory

N23-360 Cisco Unified Communications Products Security Advisory

N23-359 Apache Tomcat 9.x Security Advisory

N23-358 HPE B-Series SANnav Management Portal and Global View Security Bulletin

N23-357 Lenovo Multi-vendor BIOS Security Vulnerabilities

N23-356 Lenovo Third-party Bootloader Vulnerabilities

N23-355 Cisco Application Policy Infrastructure Controller Security Advisory

N23-354 Cisco FXOS Software Security Advisory

N23-353 Out-of-Cycle Security Bulletin-Junos OS-SRX Series and EX Series-Multiple vulnerabilities in J-Web

N23-352 Cisco Nexus 3000 and 9000 Series Switches Security Advisory

N23-351 HPE Security Advisory

N23-350 Dell Security Advisory

N23-349  Google Stable Channel Update for Desktop

N23-348 VMWare Security Advisory

N23-347 Mozilla Security Advisory

N23-346 Microsoft Edge elevation of privilege vulnerability.pdf

N23-345 IBM security advisory vulnerability.pdf

20th - 26th

N23-344 Linux kernel memory management subsystem Vulnerability

N23-343 binutils libbfd.c 2.36 Vulnerability

N23-342 curl 7.65.2 Vulnerability

N23-341 MarkText on Windows, Linux and macOS Vulnerability

N23-340 Cisco IPV Appliance Multiple Vulnerabilities

N23-339 Cisco FXOS Software SNMP Vulnerability

N23-338 MIT Kerberos 5 Vulnerability

N23-337 Google Stable Channel Update for Desktop

N23-336 Linux Kernel Vulnerability

N23-335 xterm before 380 Vulnerability

N23-334 Python cpython v.3.7 Vulnerability

N23-333 Node.js Vulnerability

N23-332 Microsoft Edge Elevation of Privilege Vulnerability

N23-331 PHP loading PHAR files Vulnerability

N23-330 Ivanti Security Advisory

N23-329 Dell Security Advisory

N23-328 Apache Airflow Drill Provider Vulnerability

N23-327 .NET and Visual Studio Denial of Service Vulnerability


13th - 19th

N23-325 HPE Security Advisory

N23-324 Linux Kernel Vulnerability

N23-323 Cisco Security Advisory

N23-322 Ivanti Avalanche below version 6.4.1. Vulnerabilities

N23-321 Atlassian Security Advisory

N23-320 Google Stable Channel Update for Desktop

N23-319 Adobe Security Bulletin

N23-318 Apache Traffic Server Vulnerability

N23-317 Python before 3.11.4 Vulnerability

N23-316 Zoom Desktop Client for Windows Vulnerability


6th - 12th

N23-315 Leaking VPN Client Traffic Vulnerability

N23-314 Zoom SDKs before 5.14.7 Vulnerability

N23-313 Apache Airflow Vulnerability

N23-312 Red Hat Security Advisory

N23-311 Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability

N23-310 Juniper Networks Junos OS Vulnerability

N23-309 Microsoft Security Advisory - August 2023

N23-308 Android Security Advisory – August 2023 Monthly Rollup

N23-307 PHP Information Disclosure Vulnerability

N23-306 Linux kernel Out Of Bounds memory access flaw

N23-305 Samba Vulnerabilities


1st - 5th

AL23-013 Midnight Blizzard conducts targeted social engineering over Microsoft Teams

AL23-012 2022 Top routinely exploited vulnerabilities

N23-304 Aruba AP Multiple Vulnerabilities

N23-303 Apache Helix through 1.2.0

N23-302 Apache Jackrabbit RMI access can lead to RCE

N23-301 Google Stable Channel Update for Desktop

N23-300 F5 Security Advisory

N23-299 Apache InLong Vulnerability

N23-298 HPE Security Advisory

N23-297 Linux Kernel multiple Vulnerabilities

N23-296 Apache Shiro Vulnerability

N23-295 Mozilla Security Advisory

23rd - 29th

N23-294 Linux kernel's Netfilter Subsystem Vulnerability

N23-293 Kentico CMS Vulnerabilities

N23-292 GitHub Repository Absolute Path Traversal Vulnerability

N23-291 Linux kernel through 6.3.1 Vulnerability

N23-290 Veritas InfoScale Operations Manager Vulnerability

N23-289 Linux Kernel multiple Vulnerabilities

N23-288 DedeCMS v5.7.109 Vulnerability

N23-287 Apache EventMesh Vulnerability

N23-286 Citrix Hypervisor Security Advisory

AL23-011 Threat Actors Exploiting Ivanti Endpoint Manager Mobile CVE-2023-35078

N23-285 Red Hat OpenShift Container Platform 4.13.5 Security Update

N23-284 Apple Security Advisory


16th - 22nd

N23-283 Atlassian Security Advisory

N23-282 Adobe Security Advisory

N23-281 Apache RocketMQ Vulnerability

N23-280 Oracle Security Advisory – July 2023 Quarterly Rollup

N23-279 Google Chrome Security Advisory

N23-278 Red Hat Security Advisory

N23-277 Citrix ADC and Citrix Gateway Security Bulletin


9th - 15th

N23-276 Microsoft Edge Security Advisory

N23-275 Zoom Client Vulnerabilities

N23-274 VMware SD-WAN (Edge) Authentication bypass Vulnerability

N23-273 Apple Security Advisory

N23-272 SonicWall Security Advisory

N23-271 Junos OS J-Web Multiple Vulnerabilities in PHP software

N23-270 Cisco SD-WAN vManage Unauthenticated REST API Access Vulnerability

N23-269 Node v20.2.0 Vulnerability

N23-268 Citrix Security Advisory

N23-267 Microsoft Security Advisory July 2023

N23-266 SAP Security Patch Day – July 2023

N23-265 Mozilla Security Advisory

N23-264 IBM July Security Advisory

N23-263 Apple Security Advisory

N23-262 Ubuntu Security Advisory


1st - 8th

N23-261 Cisco Security Advisory

N23-260 Cisco ACI Multi-Site CloudSec Security Advisory

N23-259 Progress MOVEit Security Advisory

N23-258 Vulnerability Android Security Bulletin

N23-257 Linux kernel’s XFS File System Vulnerability

N23-256 Zyxel NAS326 NAS540 NAS542 Vulnerability

N23-255 Mozilla Security Advisory

25th - 30th

N23-244 ISC BIND Security Advisory

N23-245 Google Chrome Security Advisory

N23-246 Fortinet Security Advisory

N23-247 Linux Kernel Vulnerability

N23-248 Red Hat Security Advisory

N23-249 Apache Accumulo Vulnerability

N23-250 Linux kernel's versions 5.6 - 5.11 Vulnerability

N23-251 Linux Kernel Local Code Execution Vulnerability

N23-252 Microsoft Edge Chromium Vulnerabilities

N23-253 Trellix Security Advisory

N23-254 Apache Traffic Server multiple Vulnerabilities


18th - 24th

N23-234 KeePassXC through 2.7.5 Vulnerability

N23-235 Linux Kernel Multiple Vulnerabilities

N23-236 Red Hat Multiple OpenShift Products RCI Vulnerability

N23-237 Gradio open-source Python Library Vulnerability

N23-238 Apple Security Advisory

N23-239 Apache Traffic Server Vulnerability

N23-240 Juniper Networks Security Advisory

N23-241 Apache Tomcat Vulnerability

N23-242 VMware Security Advisory

N23-243 Ubuntu Security Advisory


11th - 17th

N23-226 FortiNet FortiOS RCE Vulnerability in SSL VPN devices

N23-228 Citrix Security Advisory

N23-229 Google Chrome Security Advisory

N23-230 Microsoft security advisory – June 2023 monthly rollup

N23-231 Adobe Security Advisory

N23-232 Microsoft Edge Security Updates

N23-233 MOVEit Transfer Critical Vulnerability


4th - 10th

N23-216 Microsoft Edge Security Advisory

N23-217 Mozilla Security Advisory

N23-218 Android Security Bulletin — June 2023

N23-219 Google Chrome Security Advisory

N23-220 Deviniti for Jira Vulnerability

N23-221 VMware Security Advisory

N23-222 Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability

N23-223 Cisco AnyConnect Secure Mobility Client for Windows Local Privilege Elevation Vulnerability

N23-224 curl below v8.1.0 Information disclosure Vulnerability

N23-225 Cisco ASA-Firepower Threat Defense SSL-TLS denial of service Vulnerability


1st - 3rd

N23-213 Splunk Enterprise multiple Vulnerabilities

N23-214 Progress MOVEit Transfer

N23-215 Barracuda Email Security Gateway Appliances Security Advisory

28th - 31st

N23-209 Wireshark multiple Vulnerabilities

N23-210 Red Hat JBoss Remote DoS Vulnerability

N23-211 Apache Tomcat Vulnerability

N23-212 Google Stable Channel Update for Desktop


21st - 27th

N23-204 Android security updates - May 2024

N23-205 Moxa Security Advisory

N23-206 Hitachi Energy Security Advisory

N23-207 Hitachi Energy’s RTU500 Series Product Security Advisory

N23-208 Ubuntu Security Advisory


14th - 20th

N23-195 IBM May Security Advisory

N23-196 Google Chrome Security Advisory

N23-197 Ubuntu Security Advisory

N23-198 HPE Security Bulletin

N23-199 Cisco Security Advisory

N23-200 Cisco Small Business Series Switches Security Advisory

N23-201 Mitel Product Security Advisory

N23-202 Mozilla Foundation Thunderbird Security Advisory

N23-203 Apple Security Advisory - May 2023


7th - 13th

N23-179 Linux Kernel io_uring subsystem Vulnerability

N23-180 Microsoft Security Advisory – May 2023

N23-181 Mozilla Security Advisory

N23-182 Cisco SPA112 2-Port Phone Adapters Security Advisory

N23-183 Intel Security Advisory

N23-184 Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches Security Advisory

N23-185 Cisco StarOS Software Key-Based SSH Authentication Security Advisory

N23-186 Hitachi Energy Advisory

N23-187 Cisco BroadWorks Network Server TCP Denial of Service Vulnerability

N23-188 Cisco Security Advisory

N23-189 Lenovo Security Advisory

N23-190 Red Hat Security Advisory1

N23-191 FortiADC Security Advisory

N23-192 Microsoft Edge Security Updates

N23-193 Adobe security advisory

N23-194 VMware security advisory


1st - 6th

N23-173 Apache Spark UI Vulnerability

N23-174 F5 Security Advisory

N23-175 Apache Superset Session Validation Vulnerability

N23-176 Google Chrome Security Advisory

N23-177 Fortinet Security Advisory

N23-178 Microsoft Azure API Management multiple Vulnerabilities

 


Resources:

The best protection against all forms of malicious cyberattacks is to arm yourself with the knowledge ahead of time, so when you are faced with these adverse situations you are prepared and ready to respond accordingly.

Read up on the types of malicious cyberattacks you and your colleagues are at risk of falling victim to:

Phishing is a social engineering method most frequently used by cyber criminals to capture personal and/or financial information. It uses email with faked information and takes the user to dangerous websites. Phishing emails are able to fake the sending address and reproduce logos of legitimate senders such as a bank or a government agency.

A phishing email usually has a few common elements:

  • It claims to come from a credible organization
  • It claims to come from someone familiar
  • A tone of urgency that asks the recipient to take immediate action
  • A tone of urgency that asks the recipient to take immediate action
  • A threat of negative consequences, or the promise of some kind a reward 

The goal is to trick a user into divulging personal and/or financial data such as credit card numbers, account user names and passwords or other valuable information. In some situations, the phishing email may trick a user into downloading dangerous malware onto their computer.

How do you guard against Phishing?

Remember that legitimate businesses, financial institutions, and help desks should never ask you for personal or confidential information via email, voice or text message. Be ware of unexpected messages and verify them by contacting. Less sophisticated messages may set off alarm bells because there are misspelled words or faulty grammar. You can ‘hover’ your mouse over a URL to see if it is identical to what is written; if they are different, this is an indicator that the source is probably not legitimate.

In General

  • Be careful if the email was unsolicited.
  • Be suspicious if the unsolicited email contains spelling errors or incorrect grammar.
  • The best practice is to not trust supplied links, especially if received in unsolicited emails; use a reputable search engine to look up the address and/or company names and go from there.
  • Do not reply with any personal, confidential or financial information to ‘verify’ your identity.
  • Monitor your credit card and bank statements. If you believe you have been a victim of phishing contact your local police to get advice and to file a complaint.
  • Do not click on “Unsubscribe” in a spam/ phishing email – this lets the spammers know they have hit a “live” address and you will get more emails of this type.
  • If you believe the email communication to be valid, contact the company directly.
  • If you are unsure what to do when a suspect email is received, best practice is to delete it.

Read up on the following external resources for a better understanding of phishing emails and how they are composed:

Safety Detectives' guide to phishing defence

Phishing examples from Aura

Phishing examples from Terranova Security

Ransomware is a form of malicious code or malware that infects a computer or network and spreads rapidly to encrypt the data. This malware makes the data inaccessible to the users and the criminals responsible will demand payment from the user in order to have their files unencrypted and returned. The payment is often requested in Bitcoin or other electronic currency. Businesses and individuals worldwide are currently under attack by ransomware. Individuals are reporting incidents in which their systems are frozen while an on-screen message demands payment to have their data returned. Individuals both at work and at home are at risk of these and similar attacks by hackers. Trend Micro researchers anticipate that ransomware will make further grounds in 2018 and that it’s not going away anytime soon.

Steps to lower the risk of infection and to help with recovery

  • Make sure all software is kept up-to-date with the latest patches including Windows, web browsers, Java and Adobe.
  • Perform regular backups of your data. Ideally, this data should be kept on a different device other than your computer.
  • Don’t open links or attachments in emails from untrusted or unknown sources.
  • Ensure your anti-virus is up to date.
  • Consider using a security application from a reputable company on your mobile device.
  • Don’t download or install applications from untrusted or unknown sources.
  • Never click on pop-up windows that claim your computer has a virus.

How to protect against a ransomware infection

Be skeptical. Do not click on any emails or attachments you do not recognize, and avoid suspicious websites altogether, such as the ads/links that often appear at the right or the bottom of a website. Do not accept any software updates that are triggered from a website or email. This includes offers of Windows 10, and updates to Java and Adobe Flash.
What to do if your workstation or other network-connected device is infected:
If you receive a ransomware pop-up, or come across a file that prompts you to pay a ransom to regain access to your files, you need to:

  1. Disable Wi-Fi (if using)
  2. Disconnect the network cable from the device to try and halt the spread
  3. Leave the device powered on for investigative reasons
  4. Go to another workstation and change key online passwords such as online banking
  5. Report the problem immediately to your IT department
 

Spyware, a kind of malicious software, can monitor and control your computer without your permission. It
may be used to monitor your internet surfing, record your keystrokes and could potentially lead to identity
theft.

Because spyware is mostly focused on information collection or “spying”, the clues that spyware is on a computer can be difficult to spot. Spyware-like services are also sometimes installed ‘legally’ through the
wording of EULA agreements on social media and legitimate software.

The good news is that consumers can minimize how much of their information is collected by following some simple recommendations.

Recommendations

  • Keep your operating system and web browsers updated. Your operating system (like Windows or Linux) may offer free software “patches” to close holes in the system that spyware could exploit.
  • Download free software only from sites you know and trust. It can be appealing to download free software like games, peer-to-peer file-sharing programs, customized toolbars, or other programs that may change or customize the functioning of your computer. Be aware, however, that some of these free software applications bundle or hide other programs in the software, including spyware.
  • Don’t install any software without knowing exactly what it is. Take the time to read the end-user license agreement (EULA) before downloading any software. If the EULA is hard to find — or difficult to understand — think twice about installing the software.
  • Minimize “drive-by” downloads. Make sure your browser security setting is high enough to detect unauthorized downloads, for example, at least the “Medium” setting for Internet Explorer. Keep your browser updated.
  • Don’t click on any links within pop-up windows. If you do, you may install spyware on your computer. Instead, close pop-up windows by clicking on the “X” icon in the title bar.
  • Don’t click on links in spam that claim to offer anti-spyware software. Some software offered in spam actually installs spyware.
  • Install a personal firewall to stop uninvited users from accessing your computer. A firewall blocks unauthorized access to your computer and will alert you if spyware already on your computer is sending information out.

What to do if you suspect Spyware

If you think your computer might have spyware on it, you should take three steps:

  1. Get an anti-malware program from a vendor you know and trust.
  2. Set it to scan on a regular basis — at least once a week — and every time you start your computer, if possible.
  3. Uninstall unused software from your computer. Review and uninstall what you don’t use.

Social Engineering is a way that people use normal social interactions to manipulate people to breach security. It isn’t limited to any technology or system, it can be conversation, texting, body language, or email.

The goals of Social Engineering are typically sensitive or personal information, but it can be used to access secure systems. Social Engineering is used for fraud, identity theft, or can be the prelude to a more serious hack.

Usually Social Engineering plays on a person’s expectations, and emotions. Sometimes it means a person is pretending to be a delivery person, or they could pretend to be frazzled and running late. They play on our gut reactions in order to bypass our reasoning.

There is no single technology or strategy that can defend against social engineering. Each person is the front line against this kind of intrusion. The critical element to protect yourself and your organization is critical thinking.

How to Avoid Being a Victim?

Keep your eyes open and ask yourself questions:

  • If someone wants to enter your house, ask yourself if this is really a secure situation? Are you expecting maintenance or a delivery? Is this person from the company that you’d expect?
  • Why is someone asking about details about your work? Is this information that could be used
    maliciously?
  • How is this person making me feel? Am I feeling sorry for this person who forgot their keycard? Am I feeling intimitated by this bigshot who demands access and information? Am I feeling like I owe this friendly stranger in the café?
  • Does this person really have authority? Have I actually seen any of their credentials?
  • Does it make sense for me to be using my financial information in this situation? Am I dealing with a verified and trusted entity?
  • Am I communicating in a secure way? Is this connection secure? Can I be overheard?

These questions might give you a sense that something is off about a situation. Be diligent and double-check information. Verify information with a trusted third party. Don’t take everything at face value.

What to do if you think you are a victim?

  • If you believe your financial accounts have been compromised, contact your financial institution or credit card company immediately. Watch for any unexplainable charges to your account.
  • Document the situation, report the attack to the police and file a report.
  • Check your credit report with:
    • Equifax Canada – www.consumer.equifax.ca/home/en_ca
    • Trans Union Canada – www.transunion.ca
  • If you believe you might have revealed confidential or sensitive information about your organization, report it to the appropriate Security or Privacy people within your organization.

In recent years, we’ve seen Social Media networks being used to spread extremism, erode social trust, and influence elections. By changing people’s perception of the world, cyber-propaganda can manipulate the choices of people.

Read on to learn how you can resist cyber-propaganda.

Fake News

Fake news is being used to spread distrust, as well as change public opinion through manipulation. Fake news is hard to spot right away because the world changes at a rapid pace. That means we need to read everything with a critical eye.

Don’t just browse the headlines. When reading articles online, take a moment to ask some questions before sharing:

  • Who wrote it?
  • Is the site credible?
  • Does the evidence support what the author is claiming?
  • Is it supported by other articles?
  • Does the article serve a different purpose?

False Accounts

Not every user account online is who they claimto be. Foreign governments and cybercriminals have been creating fake accounts to generate conflict on the internet. Many of these accounts will pretend to have an extreme version of an existing opinion in order to break trust and cause further divisions between different political leanings. By creating more conflict, this allows groups to influence public decisions.

Before responding to an online post, check these things first:

  • How long has this user been in existence? Fake accounts are usually only used for short periods of time.
  • Does this user have a lot of likes but not a lot of followers? They could be artificially boosting their popularity.
  • Does this user often post links using URL shorteners like bit.ly or tinyurl?

Online Radicalization

Extremist groups use the internet to radicalize and recruit new members into violent and dangerous
movements. You might know someone who is at risk of online radicalization.

Watch for these signs:

  • Is the person reposting or linking to radical content? (hate groups, extremist groups)
  • Are they withdrawing from their usual social networks?
  • Are they exhibiting black-and-white thinking around social topics?
  • Is the person expressing extreme anger when faced with disagreement?

What you can do:

  • If you feel safe doing so, talk to someone if you’re worried they’re at risk of radicalization
  • Report online material promoting terrorism or extremism
    https://www.canadiancrimestoppers.org/tips
  • If you suspect a crime has occurred, report it to your local police force

How to Protect Against Cyber-Propaganda

The propaganda in our social networks can be scary, but we aren’t alone.
Here are some general tips to help resist cyber-propaganda:

  • Don’t just debunk, support media that is honest and reliable
  • Practice good information security to prevent your accounts from being breached and misused
  • Pay attention to those who benefit from the information that you see online
  • Use social media responsibly and think critically before you share anything