#FactCheck - Manipulated Image Alleging Disrespect Towards PM Circulates Online

Executive Summary:

The viral video circulating on social media about the Indian men’s 4x400m relay team recently broke the Asian record and qualified for the finals of the world Athletics championship. The fact check reveals that this is not a recent event but it is from the World World Athletics Championships, August 2023 that happened in Budapest, Hungary. The Indian team comprising Muhammed Anas Yahiya, Amoj Jacob, Muhammed Ajmal Variyathodi, and Rajesh Ramesh, clocked a time of 2 minutes 59.05 seconds, finishing second behind the USA and breaking the Asian record. Although they performed very well in the heats, they only got fifth place in the finals. The video is being reuploaded with false claims stating its a recent record. 

Claims:

A recent claim that the Indian men’s 4x400m relay team set the Asian record and qualified to the world finals.

Fact Check:

In the recent past, a video of the Indian Men’s 4x400m relay team which set a new Asian record is viral on different Social Media. Many believe that this is a video of the recent achievement of the Indian team. Upon receiving the posts, we did keyword searches based on the input and we found related posts from various social media. We found an article published by ‘The Hindu’ on August 27, 2023.

‍

According to the article, the Indian team competed in the World Athletics Championship held in Budapest, Hungary. During that time, the team had a very good performance. The Indian team, which consisted of Muhammed Anas Yahiya, Amoj Jacob, Muhammed Ajmal Variyathodi, and Rajesh Ramesh, completed the race in 2:58.47 seconds, coming second after the USA in the event. 

The earlier record was 3.00.25 which was set in 2021. 

This was a new record in Asia, so it was a historic moment for India. Despite their great success, this video is being reshared with captions that implies this is a recent event, which has raised confusion. We also found various social media posts posted on Aug 26, 2023. We also found the same video posted on the official X account of Prime Minister Narendra Modi, the caption of the post reads, “Incredible teamwork at the World Athletics Championships! 

Anas, Amoj, Rajesh Ramesh, and Muhammed Ajmal sprinted into the finals, setting a new Asian Record in the M 4X400m Relay. 

This will be remembered as a triumphant comeback, truly historical for Indian athletics.”

This reveals that this is not a recent event but it is from the World World Athletics Championships, August 2023 that happened in Budapest, Hungary. 

Conclusion:

The viral video of the recent news about the Indian men’s 4x400m relay team breaking the Asian record is not true. The video was from August 2023 that happened at the World Athletics Championships, Budapest. The Indian team broke the Asian record with 2 minutes 59.05 seconds in second position while the US team obtained first position with a timing of 2 minutes 58.47 seconds. However, the video circulated projecting as a recent event is misleading and false.

• Claim:  Recent achievement of the Indian men's 4x400m relay team broke the Asian record and qualified for the World finals.
• Claimed on: X, LinkedIn, Instagram
• Fact Check: Fake & Misleading

‍

Introduction

In the advanced age of digitalization, the user base of Android phones is high. Our phones have become an integral part of our daily life activities from making online payments, booking cabs, playing online games, booking movie & show tickets, conducting online business activities, social networking, emailing and communication, we utilize our mobile phone devices. The Internet is easily accessible to everyone and offers various convenient services to users. People download various apps and utilize various services on the internet using their Android devices. Since it offers convenience, but in the growing digital landscape, threats and vulnerabilities have also emerged. Fraudsters find the vulnerabilities and target the users. Recently, various creepy online scams such as AI-based scams, deepfake scams, malware, spyware, malicious links leading to financial frauds, viruses, privacy breaches, data leakage, etc. have been faced by Android mobile users. Android mobile devices are more prone to vulnerabilities as compared to iOS. However, both Android and iOS platforms serve to provide safer digital space to mobile users. iOS offers more security features. but we have to play our part and be careful. There are certain safety measures which can be utilised by users to be safe in the growing digital age.

‍

User Responsibility: 

Law enforcement agencies have reported that they have received a growing number of complaints showing malware being used to compromise Android mobile devices. Both the platforms, Android and Google, have certain security mechanisms in place. However, cybersecurity experts emphasize that users must actively take care of safeguarding their mobile devices from evolving online threats. In this era of evolving cyber threats, being precautious and vigilant and personal responsibility for digital security is paramount.

‍

Being aware of evolving scams

1. Deepfake Scams: Deepfake is an AI-based technology. Deepfake is capable of creating realistic images or videos which in actuality are created by machine algorithms. Deepfake technology, since easily accessible, is misused by fraudsters to commit various cyber crimes or deceive and scam people through fake images or videos that look realistic. By using the Deepfake technology, cybercriminals manipulate audio and video content which looks very realistic but, in actuality, is fake. 
2. Voice cloning: To create a voice clone of anyone's, audio can be deepfaked too, which closely resembles a real one but, in actuality, is a fake voice created through deepfake technology. Recently, in Kerala, a man fell victim to an AI-based video call on WhatsApp. He received a video call from a person claiming to be his former colleague. The scammer, using AI deepfake technology, impersonated the face of his former colleague and asked for financial help of 40,000. 
3. Stalkerware or spyware: Stalkware or spyware is one of the serious threats to individual digital safety and personal information. Stalkware is basically software installed into your device without your consent or knowledge in order to track your activities and exploit your data. Stalkware, also referred to as spyware, is a type of malicious software secretly installed on your device without your knowledge. Its purpose is to track you or monitor your activities and record sensitive information such as passwords, text messages, GPS location, call history and access to your photos and videos. Cybercriminals and stalkers use this malicious software to unauthorisedly gain access to someone's phone devices.

‍

Best practices or Cyber security tips:

• Keep your software up to date: Turn on automatic software updates for your device and make sure your mobile apps are up to date.
• Using strong passwords: Use strong passwords on your lock/unlock and on important apps on your mobile device.
• Using 2FA or multi-factor authentication: Two-factor authentication or multi-factor authentication provides extra layers of security. Be cautious before clicking on any link and downloading any app or file: Users are often led to click on malicious online links. Scammers may present such links to users through false advertisements on social media platforms, payment processes for online purchases, or in phone text messages. Through the links, victims are led either to phishing sites to give away personal data or to download harmful Android Package Kit (APK) files used to distribute and install apps on Android mobile phones.‍
• Secure Payments: Do not open any malicious links. Always make payments from secure and trusted payment apps.  Use strong passwords for your payment apps as well. And secure your banking credentials.‍
• Safe browsing: Pay due care and attention while clicking on any link and downloading content. Ignore the links or attachments of suspicious emails which are from an unknown sender. ‍
• Do not download third-party apps: Using an APK file to download a third-party app to an Android device is commonly known as sideloading. Be cautious and avoid downloading apps from third-party or dubious sites. Doing so may lead to the installation of malware in the device, which in turn may result in confidential and sensitive data such as banking credentials being stolen. Always download apps only from the official app store.‍
• App permissions: Review app permission and only grant permission which is necessary to use that app. ‍
• Do not bypass security measures: Android offers more flexibility in the mobile operating system and in mobile settings. For example, sideloading of apps is disabled by default, and alerts are also in place to warn users. However, an unwitting user who may not truly understand the warnings may simply grant permission to an app to bypass the default setting.‍
• Monitoring: Regularly monitor your devices and system logs for security check-ups and for detecting any suspicious activity.‍
• Reporting online scams: A powerful resource available to victims of cybercrime is the National Cyber Crime Reporting Portal, equipped with a 24x7 helpline number, 1930. This portal serves as a centralized platform for reporting cybercrimes, including financial fraud.

‍

Conclusion:

The era of digitalisation has transformed our lives, with Android phones becoming an integral part of our daily routines. While these devices offer convenience, they also expose us to online threats and vulnerabilities, such as scams like deepfake technology-based scams, voice clones, spyware, malware, and malicious links that can lead to significant financial and privacy breaches. Android devices might be more susceptible to such scams. By being aware of emerging scams like deepfakes, spyware, and other malicious activities, we can take proactive steps to safeguard our digital lives. Our mobile devices remain as valuable assets for us. However, they are also potential targets for cybercriminals. Users must remain proactive in protecting their devices and personal data from potential threats. By taking personal responsibility for our digital security and following these best practices, we can navigate the digital landscape with confidence, ensuring that our Android phones remain powerful tools for convenience and connection while keeping our data and privacy intact and staying safe from online threats and vulnerabilities.

‍

References: 

https://www.todayonline.com/singapore/explainer-why-android-devices-prone-online-scams-users-guard-against-it-2252066

‍

Introduction

All citizens are using tech to their advantage, and so we see a lot of upskilling among the population leading to innovation in India. As we go deeper into cyberspace, we must maintain our cyber security efficiently and effectively. When bad actors use technology to their advantage, we often see data loss or financial loss of the victim, In this blog, we will shine light upon two new forms of cyber attacks, causing havoc upon the innocent. The “Daam” Malware and a new malicious app are the two new issues.

Daam Botnet

Since 2021, the DAAM Android botnet has been used to acquire unauthorised access to targeted devices. Cybercriminals use it to carry out different destructive actions. Using the DAAM Android botnet’s APK binding service, threat actors can combine malicious code with a legitimate application. Keylogging, ransomware, VOIP call records, runtime code execution, browser history collecting, incoming call recording, PII data theft, phishing URL opening, photo capture, clipboard data theft, WiFi and data status switching, and browser history gathering are just a few of the functions offered by the DAAM Android botnet. The DAAM botnet tracks user activity using the Accessibility Service and stores keystrokes it has recorded together with the name of the programme package in a database. It also contains a ransomware module that encrypts and decrypts data on the infected device using the AES method.

Additionally, the botnet uses the Accessibility service to monitor the VOIP call-making features of social media apps like WhatsApp, Skype, Telegram, and others. When a user engages with these elements, the virus begins audio recording.

The Malware

CERT-IN, the central nodal institution that reacts to computer security-related issues, claims that Daam connects with various Android APK files to access a phone. The files on the phone are encrypted using the AES encryption technique, and it is distributed through third-party websites.

It is claimed that the malware can damage call recordings and contacts, gain access to the camera, change passwords, take screenshots, steal SMS, download/upload files, and perform a variety of other things.

Safeguards and Guidelines by Cert-In

Cert-In has released the guideline for combating malware. These were issued in the public interest. The recommendations by Cert-In are as follows-

Only download from official app stores to limit the risk of potentially harmful apps.

Before downloading an app, always read the details and user reviews; likewise, always give permissions that are related to the program’s purpose.

Install Android updates solely from Android device vendors as they become available.

Avoid visiting untrustworthy websites or clicking on untrustworthy

Install and keep anti-virus and anti-spyware software up to date.

Be cautious if you see mobile numbers that appear to be something other than genuine/regular mobile numbers.

Conduct sufficient investigation Before clicking on a link supplied in a communication.

Only click on URLs that clearly display the website domain; avoid abbreviated URLs, particularly those employing bit.ly and tinyurl.

Use secure browsing technologies and filtering tools in antivirus, firewall, and filtering services.

Before providing sensitive information, look for authentic encryption certificates by looking for the green lock in your browser’s URL information, look for authentic encryption certificates by looking for the green lock in your browser’s URL bar.

Any ‘strange’ activity in a user’s bank account must be reported immediately to the appropriate bank.

‍

New Malicious App

From the remote parts of Jharkhand, a new form of malicious application has been circulated among people on the pretext of a bank account closure. The bad actors have always used messaging platforms like Whatsapp and Telegram to circulate malicious links among unaware and uneducated people to dupe them of their hard-earned money.

They send an ordinary-looking message on Whatsapp or Telegram where they mention that the user has a bank account at ICICI bank and, due to irregularity with the credentials, their account is being deactivated. Further, they ask users to update their PAN card to reactivate their account by uploading the PAN card on an application. This app, in turn, is a malicious app that downloads all the user’s personal credentials and shares them with the bad actors via text message, allowing them to bypass banks’ two-factor authentication and drain the money from their accounts. The Jharkhand Police Cyber Cells have registered numerous FIRs pertaining to this type of cybercrime and are conducting full-scale investigations to apprehend the criminals.

Conclusion

Malware and phishing attacks have gained momentum in the previous years and have become a major contributor to the tally of cybercrimes in the country. DaaM malware is one of the examples brought into light due to the timely action by Cert-In, but still, a lot of such malware are deployed by bad actors, and we as netizens need to use our best practices to keep such criminals at bay. Phishing crimes are often substantiated by exploiting vulnerabilities and social engineering. Thus working towards a rise in awareness is the need of the hour to safeguard the population by and large.