HackerReport: America's Cybersecurity Newsletter
Posts
AT&T Data Breach, AI Deepfakes, and Instagram Security Tips

AT&T Data Breach, AI Deepfakes, and Instagram Security Tips

AI Takeover Has Started

Ben
July 23, 2024

In this week’s issue of HackerReport, the main themes are social engineering in AI, social media security, and cryptocurrency security.

What’s Inside

AT&T Data Breach Exposes Customer Data
US Senate Blasts Social Media CEO’s
AI Deep Fakes: What Are They and How Do I Protect Myself?
Instagram Social Media Security Tips
The Rise of Cryptocurrency Attacks
Cybersecurity Word of the Day: AI Hallucination

Cybersecurity News This Week

1. 😿 AT&T Data Breach Exposes Customer Data

AT&T disclosed a data breach exposing phone call and text message records for nearly all of its 110 million customers
Stolen data includes records of calls and texts between May 2022 and January 2023, phone numbers involved, and approximate locations based on cell site IDs
AT&T reset customer passwords and is working with the FBI and law enforcement

📱 📱 Be on the lookout for phishing attempts! 📱 📱

Cybersecurity Crash Course

3. 🤖 AI Deep Fakes: What Are They and How Do I Protect Myself

What Are AI Deep Fakes: AI deep fakes are realistic, computer-generated images or videos created using advanced deep learning techniques. These fake media can imitate the appearance, voice, and actions of real people, making it difficult to discern authenticity. In fact, cybercriminals used AI deepfakes to falsely pose as Arup ’s CFO, leading a staff member to transfer $25 million to Hong Kong bank accounts. Doh!

Why It's Important: Understanding and protecting yourself from AI deep fakes is critical to prevent misinformation, identity theft, and reputational damage.

How Attackers Use Deep Fakes: Cybercriminals create convincing fake videos or images of trusted individuals like co-workers (including executives), celebrities, politicians, or even family. These deep fakes can be used in scams, blackmail, or to spread false information.

Basic Measures To Protect Yourself:

Verify Sources: Initiate contact with the source out-of-band through official contact methods, such as published phone numbers on the business’s website or other official contact information.
Be Wary of Unusual Communication: Question the authenticity of videos and images, especially those that seem out of character for the person depicted or come from unverified sources.
Never Disclose Personal Information: If you suspect you are being socially engineered, or something just seems to not be right, do not disclose any information to the potential attacker. Delete or ignore the email, text, video, and/or phone call.
Collaborate With Experts: Contact a reputable cybersecurity team to help, such as ZeroVuln. 😀

Actionable Tips: Aside from the tips above, consider using deepfake detection software, such as Deepware or Sensity. Look at the face for unnatural skin, blurry edges, odd eye movements, and fake facial hair; again, contact your cybersecurity team to help!

Parents Section

What Are Instagram Security Risks?
Instagram security risks include unauthorized access, phishing scams, privacy breaches, and impersonation. Hackers can exploit weak passwords and poor security settings to gain access to your account, and steal sensitive information and/or credentials from you and your followers.

Why Instagram Security Is Important:
Securing your Instagram account is crucial to protect your personal information, prevent identity theft, and maintain your privacy. A compromised account can lead to the misuse of your data and negatively impact your reputation.

How Attackers Compromise Accounts:
Cybercriminals use phishing scams, weak passwords, and social engineering to gain unauthorized access to Instagram accounts. They may send fake login pages, malicious links, or direct messages to trick users into revealing sensitive information, such as credentials.

Basic Protection Measures:

Enable Multi-Factor Authentication (MFA): Add an extra layer of security by requiring a second form of verification.
Use Strong, Unique Passwords: Create passwords with a mix of letters, numbers, and special characters. Use a password manager to store and generate passwords.
Review Privacy Settings: Regularly check and update your privacy settings to control who can see your posts and interact with you.
Be Wary of Phishing Scams: Do not click on suspicious links or provide personal information in response to unsolicited messages. Verify the source of any communication claiming to be from Instagram.
Monitor Account Activity: Regularly check your account activity for any unauthorized access or unusual actions.
Set up Recover Options: Create account recovery options (email, phone, WhatsApp).
Update the App Regularly: Keep your Instagram app up to date to benefit from the latest security features and patches.

🪄🪄 My precious social media account…🪄🪄

Advanced Users Section

5.🛡️The Rise of Cryptocurrency Attacks

What’s all the buzz about cryptocurrency? Bitcoin, Ethereum, Shiba Inu, Strump… what’s the deal? If you’re confused, you’re not alone. In its simplest form, Cryptocurrency is a digital currency designed to work as a medium of exchange through a computer network that is not reliant on any central authority, such as a government or bank, and its popularity is growing.

Although when there is software, there are vulnerabilities and vulnerabilities lead to attacks. Recent attacks have highlighted security breaches in the crypto space, such as cold wallet breach with Ledger and Lazarus hacking group targeting crypto wallets.

If You Own Crypto, Learn How To Protect Yourself:

Use hardware wallets (e.g. Trezor) for storing your cryptocurrency, and a crypto seed storage device (e.g. Zeus by Cryptotag) to protect your passphrase to your wallet.
Enable multi-factor authentication (MFA) on all cryptocurrency exchanges, preferably using phishing-resistant MFA; use strong, unique passwords and a password manager to manage these passwords.
Keep software/firmware to your apps and wallets updated.

🌚 To the Moon!!! 🌚

Cybersecurity Word of the Day

6. 📖 AI Hallucination

AI Hallucination: A phenomenon where AI systems generate outputs not based on real-world data or logical reasoning. This can occur in machine learning models when they produce unexpected or incorrect results due to flawed data or algorithms.

Example: “Mike asks an AI chatbot integrated into his bank's website about the interest rates on his savings account. Due to a hallucination, the AI chatbot incorrectly informs Mike about a promotional offer that doesn't exist and provides a link for more details. This link, generated by the chatbot’s hallucination, leads to a non-existent page. Mike, confused by the incorrect information, contacts customer support for clarification. While this specific incident didn’t lead to direct harm, it highlights the potential risk of AI chatbots giving out false or misleading information.”

❤️ Thank you for reading this issue of HackerReport brought to you by ZeroVuln^SM, Your Personal Cybersecurity Team^TM. ❤️

In our next issue, we'll dive into critical topics like misinformation during the US Election, strategies to reduce the risk of physical and environmental threats, and the growing concern of virtual kidnapping. Until then, stay safe online!

Helpful Links

Need help with your security? Contact ZeroVuln or book an appointment directly. Learn more about our services at www.zerovuln.ai.
Have a topic or product you'd like us to review? Want to share your feedback or give us some love? Drop us an email at [email protected]. We’d love to hear from you!
Do you have an idea for a newsletter and you love the platform we use? You’re in luck! Get a free 30-day trial + 20% OFF for 3 months. Sign up here.
Please help us reduce data breaches and grow our newsletter! Send this subscribe link to your friends, family, and/or co-workers.