Now there is a lot of news on social networks, but we all understand that some of them are false. Fake news and disinformation are another powerful weapon. And to prevent such news from spreading, you need to know how to recognize and verify it. The instruction for such a case was prepared by the Ukrainian resource OLX.UA.
How to recognize a fake
- Read the entire article, not just the title. The headline is usually written in such a way as to interest you, although in fact it is not always true.
- Evaluate the reliability of the source on which you read the news.
- Pay attention to the publication date and time. Sometimes old news gives out new ones, only with a different text.
- Check out the sources cited in the news. Are they verified, reliable, official?
- Look closely at quotes and photos. Photos may not match the text in the news, and vice versa.
- A piece of news that uses all capital letters and 20 exclamation points for 3 sentences should make you suspicious. The more fear and despair the information received causes you, the more likely it is a fake.
- Read news only on official sources.
So what types of cyberattacks are most likely to threaten during times of war?
Millions of Ukrainians update their news feed every minute to find out the situation at the front and in the diplomatic field. Meanwhile, the enemy is massively spreading fakes about the alleged capture of cities, the surrender of Ukraine, the evacuation of locals, etc.
How to resist: read only official and trusted sources, not dubious telegrams and posts on social networks. However, keep in mind that in wartime conditions, even reliable media and officials can make mistakes. After reading important news, wait for its refutation or confirmation. A good example is the news about the destruction of CHPP-6 in Troyeshchyna, which was published on the page of the mayor of Kyiv, but later denied the information.
Remember that often the enemy deliberately spreads negative messages in order to demoralize the population and sow panic. So, if you do not see the event with your own eyes and do not hear direct language that is not taken out of context, trust carefully and do not take a word.
We are talking about a fake video in which you see a public face and hear his voice. Thus, the Center for Information Security recently reported that a video message from the President of Ukraine about the alleged surrender to Russia may appear on the network. However, this is machine learning technology that can be used to confuse you and break morale.
How to resist: despite the complexity of the technology at first glance, it is still possible to recognize a deepfake. Please note that when an object, such as a hand, passes in front of the hero’s face, it is distorted, “floats”. In addition, you may notice unnatural skin tone and strange texture, shadows on the face that fall incorrectly, too little or too little clipping, etc.
But the main thing is to watch the appeal of the President and officials only on the official pages and remember that Ukraine under no circumstances will appear to be an enemy and will not capitulate, so any such statements by officials are unambiguously false.
Fake sites and accounts of official structures
To disorient the population, many analogues of the pages of official structures appear. Yes, you can come across a fake account of the Verkhovna Rada of Ukraine on social networks or a fake website of the SBU.
How to resist: if we are talking about pages on social networks, pay attention to whether the account has been verified (blue checkmark next to the name). The second possible clue is a small number of subscribers and messages.
As for websites, be sure to check if the padlock symbol is displayed in the address bar of the browser. This means that the page has passed a detailed check and received a security certificate. Additionally, the site can be checked through the Whois service and find out the date of registration / creation, company ownership and other legal data.
The most common and most effective method of Internet fraud is also used on the cyber front. Attackers send files of various formats – from a link to a website to an archived document or media file. You can receive an unexpected letter both by e-mail and in instant messengers.
An advanced phishing technique is to forge links to sign e-petitions, such as calling on NATO to close the skies over Ukraine.
Usually phishing, that is, fake, emails do not have obvious fraudulent signs. They look like regular messages from a bank, an email service, a delivery service, or even the UN.
These messages must include:
- or extraneous links to fraudulent fake sites that are very similar to the resources of well-known companies;
- or a link to download an unknown application;
- or attachment files that actually contain a malicious application (ransomware, virus, remote access program, and others).
How to resist: The first and foremost rule is not to open unexpected links and files. If they were sent by contacts you know, check what is in the message, because the pages of your loved ones can also be hacked.
Also, you should not download unknown files and applications to your devices. Usually email services, in particular Gmail, have an option to report a phishing email. If you managed to recognize the attack, please report it. This is important because your mail is a means of recovering your password and login on social networks.
Until 2014-2016, many Ukrainians used the Russian domains mail.ru, yandex, rambler, etc. And these mailboxes can remain backup options for accessing your accounts. Even if you changed the box, but did not delete the previous one in the settings. Thus, infidels can break your accounts associated with these mails and spread fakes, misinform your friends/relatives, or perform other fraudulent activities.
As for electronic petitions, remember: if the link is suspiciously long, or, conversely, shortened (for example, through the bit.ly service), it is probably a fake.
Read the site address carefully. Often an attacker replaces just one letter or symbol. Also note that no official institutions will ever ask you for passwords to personal pages or personal/payment data.
- Under the guise of evacuation transportation of citizens, scammers ask for a subscription to the card and simply disappear.
- They make fake announcements to raise money for the treatment of children allegedly affected by military aggression. Do they find photos of injured people on the Internet and collect money to help the victims.
- They create phishing (fraudulent) sites that look like real charitable foundations. And they steal passwords, secret card details and personal data, as well as money.
How to resist:
Check the correctness of the name of the sites where you go and where you enter your personal data. The addresses of the real and fraudulent site may be similar, except for one or more characters.
If you received a link to a charity foundation website in a messenger, SMS or e-mail, or saw a corresponding link in a post on social networks not from an official source, do not click on the link. It is better to enter the name of the required site in the search engine and only then go to the web resource.
Help the army and Ukrainians affected by Russian aggression, but use reliable sources. Yes, the National Bank of Ukraine opened special accounts for fundraising.
Capture of Ukrainian accounts in Telegram
In the early days of the war, many Telegram users complained that they were shown their own location in Moscow, Cherkessk and other Russian cities in the page settings. This is all the work of the enemy, who, through Ukrainian profiles, is waging an information war against Ukraine.
How to resist: Check if your Telegram account is being used by attackers. This is easy to do: in the settings, look at which region the device is connected from. If the location of the phone or computer matches the real one, all is well.
To reduce the risk of an evil account, be sure to enable two-factor authentication if you haven’t already. Only by setting up two-step verification during authorization will you protect yourself from profile theft. And this applies to accounts in all social networks.
Verified sources of information
- Office of the President of Ukraine: Telegram i Facebook.
- General Staff of the Evil Forces of Ukraine: Telegram i Facebook.
- Cabinet of Ministers of Ukraine: Facebook.
- Verkhovna Rada of Ukraine: Telegram i Facebook.
- Ministry of Defense of Ukraine: Facebook.
- Ministry of Internal Affairs: Facebook.
- Land military ZSU: Facebook.
- Viyskovo-marine forces ZSU: Facebook.
- Territorial defense of ZSU: Facebook.
- National Police of Ukraine: Telegram i Facebook.
- Sovereign Service of Supervisional Situations (DSNS): Telegram i Facebook.
- Sovereign cordon service of Ukraine: Telegram i Facebook.
- Center for strategic communications and information security: Telegram i Facebook.
- Sovereign service of a special liaison and defense of information in Ukraine: Telegram i Facebook.
- Ministry of Infrastructure of Ukraine: Telegram i Facebook.
- Security Service of Ukraine: Telegram i Facebook.
- The channels of the heads of the ODA of their region and the channels of the local councils.