Security Stop Press : Bill Ackman Imposter Scam Warning

Billionaire hedge-fund manager, Bill Ackman’s Pershing Square Capital Management company has warned of the risks posed by recent Facebook ads impersonating Mr Ackman as part of an imposter fraud scam.

Mr Ackman’s company says it has already discovered 90 different versions of the advert which lures people into clicking on the ad by using Mr Ackman’s photo and identity (celeb-bait) and promising unrealistic investment returns. The intention of the adverts, placed by cyber criminals, is to steal the money of investors who fall victim the scam.

Facebook has described trying to stop such ads (more appear as soon as others are reported and taken down) like being like a game of “whack-a-mole”. Mr Ackman joins a long line of celebrities whose identities have been used by scammers. The general advice is that if an ad seems too good to be true or uses a celebrity to grab your attention, double-check before you click or buy anything.

Security Stop-Press : Deepfake ‘Sextortion’ Scams

The (US) FBI has issued a warning that scammers are altering benign photographs and videos to create explicit deepfake photos videos. The deepfake videos and photos are publicly circulated on social media or pornographic websites and/or sent to victims for the purposes of targeting them with harassment or sextortion schemes. The advice is to exercise caution when posting or direct messaging personal photos, videos, and identifying information on social media, dating apps, and other online sites.

Security Stop-Press : Scammers Advertise Hacking Services On US Government Websites

A senior researcher at the Citizen Lab has revealed that scammers have been uploading PDFs containing links to multiple government and university websites. Some of the PDFs have been found to contain links to websites offering hacking services for Instagram, Facebook, and Snapchat accounts.

It’s also thought possible that some of the uploaded PDFs could have malicious content. It’s been suggested that scammers have been able to exploit a flaw (an out-of-date plugin module) in the Kentico CMS to upload the documents and it’s been reported that the U.S. cybersecurity agency, CISA, is working with affected websites to ensure these PDFs are removed.