-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi libtech,
Back in May I asked for examples of fake websites and social media that impersonate civil society and news organizations to include in a report that we at Access were working on. Thanks to all those who provided feedback, we have now released the report: One of These Things is Not Like the Other: A Report on Fake Domain Attacks https://www.accessnow.org/FakeDomainsReport [pdf] The report details how civil society organizations and news media are the targets of a variety of sophisticated attacks to compromise their websites and users, including the use of fake websites and social media profiles. These fake domain attacks may be created with the intention to draw readership from the original website and display alternative content, create confusion amongst a targeted community, or serve malware to compromise the target audience of the original website. Attacks were seen in countries as diverse as Belarus, Iran, Vietnam, and Kazakhstan. We have observed these attacks on the eves of elections and other important political events, including during critical social and political periods. Attacks in Iran and Belarus attempted to minimize the spread of information and disrupt potential civil unrest during political elections and anniversaries. Other attacks in Belarus and Kazakhstan utilized the privileged position internet service providers (ISPs) have in a user’s interaction with websites to redirect them away from targeted websites to the fake websites. In addition, many fake domains took advantage of procuring similarly-named URLs as the targeted website in order to provide a sense of trust to the unwary user. As news organizations and citizen media increasingly rely on digital means to present their work, state-level adversaries are relying on novel ways of diminishing their impact and targeting their readers. Our data provides a window into the methods and effectiveness of these attacks and the type of government environment that gives rise to them. In addition, our report provides a number of mitigation mechanisms – technical, policy, and legal – against fake domains for both users and targeted websites. By providing such frameworks for mitigating these attacks, we hope this report will give human rights defenders some of the tools and understanding needed to better protect themselves and their work in a hostile digital world. In conjunction with the report, we have released an online tool “Fake Domain Detective” (fakedomains.accessnow.org) to help organizations and individuals search for fake domains of civil society and independent media websites. If you run across any suspected fake domains or have feedback on the tool, please share your findings with us at repo...@accessnow.org. Blogpost with overview of the report: https://www.accessnow.org/blog/2013/08/01/one-of-these-things-is-not-like-the-other-report-on-fake-domains-attacks-on Read the report [pdf]: https://www.accessnow.org/FakeDomainsReport Test out the Fake Domain Detective: http://fakedomains.accessnow.org Report suspected fake domains: repo...@accessnow.org The report was written and managed by Michael Carbone; data analysis and visualization by Béchir Nemlaghi and Dillon Reisman; policy and legal analysis by Peter Micek, Drew Mitnick, Wes Paisley; design by Mira Rojanasakul; Brett Solomon, Gustaf Björksten, Jochai Ben-Avie. Let me know if you have any thoughts or comments, thanks! Best, Michael - -- Michael Carbone Manager of Tech Policy & Programs Access | https://www.accessnow.org mich...@accessnow.org | PGP: 0x81B7A13E PGP Fingerprint: 25EC 1D0F 2D44 C4F4 5BEF EF83 C471 AD94 81B7 A13E -----BEGIN PGP SIGNATURE----- iQIcBAEBAgAGBQJSMKsGAAoJEDH9usG3Jz33EhAP/RmSOa/j8XQj0H/HkM3QONjr 5qcwr2Eli08U6meu5uzrsesx1yCykB1SlJeeWi4GbKPjIejQrg8nfzWvJyvq40+l yJgDFOE9M0I5UFWu+FcPXIezEiCJSwhgQd2Qe7kgUOwrmCzCsWfJmFkQQeU918dc /f+sLW+DR0g1vTZXvFc3b1nd8CI1y9Gx+KacoM3HX4SIikDKn+UDfvmetvJ3K3EH FwuIQssBRNAy4bhSEKUAz8j8EFCBze66zA0vnTMFL/szkM3khH+D7PawaYUAy74g /cTs2DMnIEObBLgcJnRue5mXjpMjm6Rx0J7hl9oIS+IybOTkpJAsPpq/yT1NwRRg nFxNdSOCWeZkgExuvzFgK/hNeJN4PbYNFmwyKixYLxln+G1jYsCP9k2x5OAXV4E5 G5Al7fbBvZEKRh+h/htsyUs6VJfVHq81mCX0xT60BH4rM8e35j7R6NkQbwsZ94AH v6jCmCKK6ZpiA08z3yuRdXQpHiaoXNZDyRay8Er91abMyFhfv7V0OWGBE0/2fhXh Qgw8Nqtyd8+v76TuSWc22z7ymHvQ8r40zU0N185AuA2Qcr9/lJ85wvQCKZyYzJQX phdGoDiWuz9dmdgC6RwPnX6PfA4TBHmu/WknWjBLkrFJmRHdhleBal96D0yX3qyx DGk+mMtrMkp28aSohcNC =HZx0 -----END PGP SIGNATURE----- -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.