BAKU, Azerbaijan, Sept. 13
By Chingiz Safarli - Trend:
Cases of cyberattacks by the method of Man-in-the-middle and Caller ID Spoofing have spread in Azerbaijan, Farid Pardashunas, an expert in this field, told Trend.
One of the types of cybercrime that has caused a stir in social networks in recent days is the Man-in-the-middle attack. This is a fairly common type of attack in the field of cybercrime when the attacker secretly relays and possibly alters the communication between two parties who believe that they are directly communicating with each other.
“So, attackers call through various fake profiles, in particular, elderly people, politicians, and people with a certain status in a social network. During calls, female profiles are used, which offer the opposite party to perform certain actions of an intimate nature. If the plan succeeds, the cybercriminal takes a video of the victim, sends him this record and, blackmailing him with the distribution of the record, demands money," the expert said.
Since such attacks are usually carried out from abroad using a changed IP address or through virtual networks, it is very difficult to prevent them or identify an attacker.
"The main precaution is not to answer video calls from unknown phone numbers. People are simply being deceived and blackmailed using digital engineering methods. Unfortunately, the older generation is not fully aware of the safe use of the Internet, so they are mainly the targets of these attacks," Farid Pardashunas added.
Man-in-the-middle and Caller ID Spoofing methods also imply changing the number from which the call comes to any other.
"It has been observed for many years, and mobile operators are not immune from such cyberattacks, which is one of the big problems in the field of telecommunications,” the expert said.
The essence of the Caller ID Spoofing attack is that the attacker calls you from a certain number, but the phone display shows the number of a person you know or even a bank whose client you are. If this number is saved in your contacts, the name of this contact is displayed, although a completely different person is calling you. In this case, you need to try to recognize a person by voice – there is no other guaranteed method. If you provide any information, you can become a victim of an attacker. The objects of such cyber-attacks are also mainly elderly people. For example, they think that it is really a call from the bank. As a result, the victim transmits information to an unknown person.
“No government agency or bank can require or demand any confidential information from its client. You can only be invited to the branch of the bank or authority. Basically, attackers try to get bank card data under the pretext of "your card is blocked", "your funds may be stolen", "for security reasons", Farid Pardashunas added.
“I would like to emphasize again that it is impossible to transfer personal information to the opposite side by phone," the expert summed up.
---
Follow the author on Twitter: @cingizsafarli