From fake outlandish crime stories to the reporting of fake stories tied to real events and suspected government manipulation, there was so much fake news in 2017 that the Collins Dictionary made this term their Word of the Year – and this is NOT fake. But the viral nature of fake news headlines and hoaxes does more than spread misinformation and cause confusion, it presents extensive cybersecurity risks that are not making the news.
Advanced fake news spreads using a global network of hoax websites. Attackers can amplify their content and messages using social media, clickbait and advertising. Furthermore, access to data and analytics on content performance and visitor demographics ensures they are able to accurately target and hone the virality of their messages. Here’s a simple and tasty example to show how this works.
In September 2017 a story was released just in time for Halloween with the title, “World’s most popular candy to be removed from shelves by October 2017.” The story was published on breakingnews247.net, and was instantly shared almost 70,000 times across social media channels. The story was even starting to appear on local news and health food websites. Although the story was fabricated and had no ramifications other than causing a handful of individuals to panic and load up on Reese’s Pieces, the potential impacts go much further. With so much data in the hands of a hoax site owner and the ability to rapidly spread content, it would be easy to pivot to more nefarious activities like spreading malware.
The risk of sharing a sensational story is not so obvious – after all, it’s only news, right? But fake news stories are hosted on websites that, although they may look harmless to visitors, actually have the ability to hide malware in plain sight by concealing malicious code inside its content. This practice is called steganography. In 2016, an exploit kit named Stegano was discovered that uses steganography to hide malware inside images that are hosted on remote webservers and delivered as ads. Stegano is built with the intelligence to disable antivirus protections in place and can be modified to deliver a damaging payload, such as ransomware, to initiate an effective targeted attack.
Let’s apply this to fake news: a fake news story is created and shared with a sensational image that contains malware. The story can then be targeted based on social platform, domain name and/or region to reach a susceptible audience that ensures amplification. A user sees the story, clicks to read and shares, immediately becoming infected in the process and further spreading the malicious content to their social networks.
While we have yet to see fake news become a primary weapon for attackers, it’s only a matter of time. In the next year or so, it’s likely that mass socially engineered attacks will become a key tactic for modern hackers or activist groups, with fake news being a weapon of choice. We need to be thinking now about ways to not only reduce the risk imposed by fake news, but also educate people to better identify these threats. So, how can we do this?
● Establish user awareness. Fake news spreads because people naturally want to share information with their social networks. Before sharing a link, always take time to review it – often the URL will be extremely similar to the real site, but with tiny differences. An example of this is the “share to get free stuff” social media scam. At a glance it looks identical, but the shared link has added characters. A quick review could prevent the unnecessasary spread of fake information.
● Utilize profiling services. To keep ahead of targeted campaigns, a number of security companies now offer profiling services that monitor the internet for possible targeting, website hijacking or spoofed company domain names.
● Secure and monitor the entire network. Make sure that you have the right security in place to protect the network and ensure that corporate data remains safe. Installing the latest endpoint security solution and keeping it up-to-date will reduce the risk of any malware being able to infect devices. Also, monitor the network to spot anomalous traffic as early as possible. This prevents malware from contacting C&C servers to activate and also reduces the risk of data leaving the network.
● Stay ahead with machine learning and automation. Once a fake news site has been recognized, it can be instantly blacklisted with updated policies pushed out to all devices automatically. In addition, the benefit of a cloud-based solution means that everyone subscribed to the service will be aware of, and protected against, the threat in near real-time.
While awareness is key and technology is a great assistant, there is one simple practice we can all adopt: think before you click or share. If it seems too good to be true, then it probably is. It’s quite possible that the news story you’re about to share could be part of something much more damaging.

More from Laurence Pitt
- Cyber Safety for Summer Vacation
- The Ever-Increasing Issue of Cyber Threats – and the Zero Trust Answer
- RSAC22 and Infosecurity Europe, Three Weeks, Two Events
- Achieving Sustainable Cybersecurity Through Proper Care and Feeding
- Public and Private Sector Security: Better Protection by Collaboration
- The SASE Conversation in 2022, a Resolution for the Future
- What to Expect in 2022: Microservices Will Bring Macro Threats
- Preventing a Cyber Pandemic in Healthcare
Latest News
- Sentra Raises $30 Million for DSPM Technology
- Cyber Insights 2023: Cyberinsurance
- Cyber Insights 2023: Attack Surface Management
- Cyber Insights 2023: Artificial Intelligence
- Microsoft’s Verified Publisher Status Abused in Email Theft Campaign
- Guardz Emerges From Stealth Mode With $10 Million in Funding
- How the Atomized Network Changed Enterprise Protection
- Critical QNAP Vulnerability Leads to Code Injection
