#FactCheck - Edited Video of ‘India-India’ Chants at Republican National Convention

Incident Overview

Earlier this week, the Chinese media reported that several ‘Macau’ government websites were hacked, indicating a significant targeted cyberattack. The hacked website includes those of the office of the Secretary for Security, the public security police, the fire services department and the Security Forces Services Bureau. It was reported that the police have launched a criminal investigation to trace the source of the crime. Furthermore, officials believe the source of the intrusion was likely from overseas, and authorities have carried out an emergency response in conjunction with telecommunication operators to restore affected services on a priority basis. The densely populated Macau is a special administrative region on the south coast of China and the cyber attacks on the essential government website of China raise a serious concern. 

Response and Mitigation

Macau's authorities carried out an emergency response in collaboration with telecommunication operators to restore regular services as a distributed denial-of-service attack (DDoS) was reported to be carried out on certain government websites which resulted in the inactivity of those several websites. The country's security forces instructed Macau Telecom to investigate the incident and submit a report and improvement plan to prevent similar attacks in the future.

Context and Implications

The hack on the government websites of Macau is not a single incident; rather, it is a part of an increasing pattern of cyberattacks on the region's vital infrastructure. According to a recent report, the frequency of cybercrimes has tripled since 2020, targeting Macau's critical infrastructure, which is worrying. This pattern draws attention to the growing threats that public sector organisations and governments throughout the world confront.

Final Words 

In light of such sophisticated attacks targeting vital infrastructure or critical government operations, it is imperative that the country ensure powerful cybersecurity strategies and measures. Implementing robust cybersecurity measures, developing incident response planning, regular security checks, employee training on cyber hygiene, public awareness and capacity building and international collaboration to jointly develop and plan counteract strategies is a crucial step to build safeguards against such cyber threats.

The incident of a cyberattack on the government websites of Macau serves stark reminder of the evolving threats and cybersecurity challenges, it is a serious concern when critical government websites are compromised by malicious actors. It highlights the necessity for continuous vigilance and cybersecurity measures in place to counter such cyber attacks. A comprehensive approach to cybersecurity, the government can enhance their overall cybersecurity posture, establish resilience against such threats in future, and save the functionality of essential government websites. 

References:

1. https://macaudailytimes.com.mo/websites-of-office-of-the-secretary-for-security-targeted-in-a-cyber-attack.html
2. https://www.reuters.com/world/china/several-macau-government-websites-hacked-says-chinese-state-media-2024-07-11/
3. https://4imag.com/several-macau-government-websites-hacked-says-chinese-state-media/
4. https://www.aol.com/news/several-macau-government-websites-hacked-001435511.htmlhttps://therecord.media/macau-government-websites-hit-with-cyberattack
5. https://macaonews.org/news/city/macau-cyberattacks-cyber-security-attacks-macao/

‍

Introduction:

The Federal Bureau of Investigation (FBI) focuses on threats and is an intelligence-driven agency with both law enforcement and intelligence responsibilities. The FBI has the power and duty to look into certain offences that are entrusted to it and to offer other law enforcement agencies cooperation services including fingerprint identification, lab tests, and training. In order to support its own investigations as well as those of its collaborators and to better comprehend and address the security dangers facing the United States, the FBI also gathers, disseminates, and analyzes intelligence.

The FBI’s  Internet Crime Complaint Center (IC3) Functions combating cybercrime:

1. Collection: Internet crime victims can report incidents and notify the relevant authorities of potential illicit Internet behavior using the IC3. Law enforcement frequently advises and directs victims to use www.ic3.gov to submit a complaint.
2. Analysis: To find new dangers and trends, the IC3 examines and examines data that users submit via its website.
3. Public Awareness: The website posts public service announcements, business alerts, and other publications outlining specific frauds. Helps to raise awareness and make people become aware of Internet crimes and how to stay protected.
4. Referrals: The IC3 compiles relevant complaints to create referrals, which are sent to national, international, local, and state law enforcement agencies for possible investigation. If law enforcement conducts an investigation and finds evidence of a crime, the offender may face legal repercussions.

‍

Alarming increase in cyber crime cases:

In the recently released 2022 Internet Crime Report by the FBI's Internet Crime Complaint Center (IC3), the statistics paint a concerning picture of cybercrime in the United States. FBI’s Internet Crime Complaint Center (IC3) received 39,416 cases of extortion in 2022. The number of cases in 2021 stood at 39,360.

FBI officials emphasize the growing scope and sophistication of cyber-enabled crimes, which come from around the world. They highlight the importance of reporting incidents to IC3 and stress the role of law enforcement and private-sector partnerships.

About Internet Crime Complaint Center IC3:

IC3 was established in May 2000 by the FBI to receive complaints related to internet crimes.

It has received over 7.3 million complaints since its inception, averaging around 651,800 complaints per year over the last five years. IC3's mission is to provide the public with a reliable reporting mechanism for suspected cyber-enabled criminal activity and to collaborate with law enforcement and industry partners. 

The FBI encourages the public to regularly review consumer and industry alerts published by IC3. An victim of an internet crime are urged to submit a complaint to IC3, and can also file a complaint on behalf of another person. These statistics underscore the ever-evolving and expanding threat of cybercrime and the importance of vigilance and reporting to combat this growing challenge.

What is sextortion?

The use or threatened use of a sexual image or video of another person without that person’s consent, derived from online encounters or social media websites or applications, primarily to extort money from that person or asking for sexual favours and giving warning to distribute that picture or video to that person’s friends, acquaintances, spouse, partner, or co-workers or in public domain. 

Sextortion is an online crime that can be understood as, when an bad actor coerces a young person into creating or sharing a sexual image or video of themselves and then uses it to get something from such young person, such as other sexual images, money, or even sexual favours. Reports highlights that more and more kids are being blackmailed in this way. Sextortion can also happen to adults. Sextortion can also take place by taking your pictures from social media account and converting those pictures into sexually explicit content by morphing such images or creating deepfake by miusing deepfake technologies.

Sextortion in the age of AI and advanced technologies:

AI and deep fake technology make sextortion even more dangerous and pernicious. A perpetrator can now produce a high-quality deep fake that convincingly shows a victim engaged in explicit acts — even if the person has not done any such thing. 

Legal Measures available in cases of sextortion:

In India, cybersecurity is governed primarily by the Indian Penal Code (IPC) and the Information Technology Act, 2000 (IT Act). Addressing cyber crimes such as hacking, identity theft, and the publication of obscene material online, sextortion and other cyber crimes. The IT Act covers various aspects of electronic governance and e-commerce, with providing provisions for defining such offences and providing punishment for such offences.

Recently Digital Personal Data Protection Act, 2023 has been enacted by the Indian Government to protect the digital personal data of the Individuals. These laws collectively establish the legal framework for cybersecurity and cybercrime prevention in India. Victims are urged to report the crime to local law enforcement and its cybercrime divisions. Law enforcement will investigate sextortion cases reports and will undertake appropriate legal action.  

How to stay protected from evolving cases of sextortion: Best Practices:

‍

• Report the Crime to law enforcement agency and social media platform or Internet service provider. 
• Enable Two-step verification as an extra layer of protection.
• Keep your laptop Webcams covered when not in use.
• Stay protected from malware and phishing Attacks.
• Protect your personal information on your social media account, and also monitor your social media accounts in order to identify any suspicious activity. You can also set and review privacy settings of your social media accounts.

Conclusion:

Sextortion cases has been increased in recent time. Knowing the risk, being aware of rules and regulations, and by following best practices will help in preventing such crime and help you to stay safe and also avoid the chance of being victimized. It is important to spreading awareness about such growing cyber crimes and empowering the people to report it and it is also significant to provide support to victims. Let’s all unite in order to fight against such cyber crimes and also to make life a safer place on the internet or digital space.

References:

• https://www.ic3.gov/Media/PDF/AnnualReport/2022_IC3ElderFraudReport.pdf
• https://octillolaw.com/insights/fbi-ic3-releases-2022-internet-crime-report/
• https://www.iafci.org/app_themes/docs/Federal%20Agency/2022_IC3Report.pdf

‍

Introduction

As we navigate the digital realm that offers unlimited opportunities, it also exposes us to potential cyber threats and scams. A recent incident involving a businessman in Pune serves as a stark reminder of this reality. The victim fell prey to a sophisticated online impersonation fraud, where a cunning criminal posed as a high-ranking official from Hindustan Petroleum Corporation Limited (HPCL). This cautionary tale exposes the inner workings of the scam and highlights the critical need for constant vigilance in the virtual world.

Unveiling the scam

It all began with a phone call received by the victim, who lives in Taware Colony, Pune, on September 5, 2023. The caller, who identified himself as "Manish Pande, department head of HPCL," lured the victim by taking advantage of his online search for an LPG agency. With persuasive tactics, the fraudster claimed to be on the lookout for potential partners.

When a Pune man received a call on September 5, 2023. The caller, who introduced himself as “department head of HPCL”, was actually a cunning fraudster. It turns out, the victim had been searching for an LPG agency online, which the fraudster cleverly used to his advantage. In a twisted plot, the fraudster pretended to be looking for potential locations to establish a new LPG cylinder agency in Pune. 

Enthralled by the illusion

The victim fell for the scam, convinced by the mere presence of "HPCL" in the bank account's name. Firstly victim transferred Rs 14,500 online as “registration fees”. Things got worse when, without suspicion, the victim obediently transferred Rs 1,48,200 on September 11 for a so-called "dealership certificate." To add to the charade of legitimacy, the fraudster even sent the victim registration and dealership certificates via email.

Adding to the deception, the fraudster, who had targeted the victim after discovering his online inquiry, requested photos of the victim's property and personal documents, including Aadhaar and PAN cards, educational certificates, and a cancelled cheque. These seemingly legitimate requests only served to reinforce the victim's belief in the scam.

The fraudster said they were looking for a place to allot a new LPG cylinder agency in Pune and would like to see if the victim’s place fits in their criteria. The victim agreed as it was a profitable business opportunity. The fraudster called the victim to “confirm” that his documents have been verified and assured that HPCL would be allotting him an LPG cylinder agency. On September 12, the fraudster again demanded a sum of money, this time for the issuance of an "HPCL license." 

As the victim responded that he did not have the money, the fraudster insisted on an immediate payment of at least 50 per cent of the stipulated amount. So the victim transferred Rs 1,95,200 online. On the following day the 13th of September 2023, the fraudster asked the victim for the remaining amount. The victim said he would arrange the money in a few days. Meanwhile, on the same day, the victim went to the HPCL’s office in the Pune Camp area with the documents he had received through the emails. The HPCL employees confirmed these documents were fake, even though they looked very similar to the originals. The disclosure was a pivotal moment, causing the victim to fully comprehend the magnitude of the deceit and ultimately pursue further measures against the cybercriminal.

Best Practices

• Ensuring Caller Identity- Prioritize confirming the identity of anyone reaching out to you, especially when conducting financial transactions. Hold back from divulging confidential information until you have verified the credibility of the request. 
• Utilize Official Channels- Communicate with businesses or governmental organizations through their verified contact details found on their official websites or trustworthy sources. Avoid solely relying on information gathered from online searches. 
• Maintaining Skepticism with Unsolicited Communication- Exercise caution when approached by unexpected calls or emails, particularly those related to monetary transactions. Beware of manipulative tactics used by scammers to pressure swift decisions.
• Double-Check Information- To ensure accuracy, it is important to validate the information given by the caller on your own. This can be done by double-checking and cross-referencing the details with the official source. If you come across any suspicious activities, do not hesitate to report it to the proper authorities. 
• Report Suspicious Activities- Reporting can aid in conducting investigations and providing assistance to the victim and also preventing similar incidents from occurring.  It is crucially important to promptly report cyber crimes so law enforcement agencies can take appropriate action. A powerful resource available to victims of cybercrime is the National Cyber Crime Reporting Portal, equipped with a 24x7 helpline number, 1930. This portal serves as a centralized platform for reporting cybercrimes, including financial fraud.

Conclusion

This alarming event serves as a powerful wake-up call to the constant danger posed by online fraud. It is crucial for individuals to remain sceptical, diligently verifying the credibility of unsolicited contacts and steering clear of sharing personal information on the internet. As technology continues to evolve, so do the strategies of cyber criminals, heightening the need for users to stay on guard and knowledgeable in the complex digital world.

References:

• https://indianexpress.com/article/cities/pune/cybercriminal-posing-hindustan-petroleum-official-cheat-pune-man-9081057/
• https://www.timesnownews.com/mirror-now/crime/pune-man-duped-of-rs-3-5-lakh-by-cyber-fraudster-impersonating-hpcl-official-article-106253358