Who doesn't want to use AI to shine social media posts? In a recent malvertising campaign, threat actors have been hijacking social media pages, renaming them to mimic popular AI photo editors, and posting malicious links to fake websites.
The attackers take over social media pages, often related to photography, and change their names to make them look like popular AI photo editing platforms. They then create harmful posts with links to fake websites that appear to be authentic photo editing platforms. To gain access to the targeted social media page, the attackers send phishing links to the page administrators. These links direct the users to fake account protection pages that deceive them into providing their login information, such as their name, mobile phone number, and date of birth. Once the attackers gain control of the social media pages, they post advertisements linking to the fake AI photo editors. Victims who download the false photo editor actually end up installing a type of software that allows the attackers to control their devices remotely. This software is then used to download and run programs that steal login information, resulting in the theft of sensitive data and credentials.
Takeaway
- Use strong, unique passwords and enable two-factor authentication for all your social media accounts
- Be aware of phishing tactics and how to recognize suspicious links
- Regularly check for unusual activity on your social media accounts. Configure your profile to notify of any changes
#ALTACyber
------------------------------
Genady Vishnevetsky
Chief Info Security Officer
Stewart Title Guaranty Company
Houston TX
------------------------------