Attackers who use phishing scams to target human rights defenders in the Middle East and North Africa (MENA) are developing increasingly sophisticated techniques to infiltrate their accounts and evade digital security tools, according to new research published by Amnesty Tech.
The organization highlighted three key tactics attackers are employing to ensnare people who take extra steps to secure their accounts online. These include asking users to reset the password on their Google accounts; tricking them into authorizing apps which purport to “secure” their Outlook accounts; and abusing legitimate authentication process apps to infiltrate accounts.
“Human rights defenders across MENA need to be on high alert. Even as they get better at using digital tools to secure their accounts, attackers are developing sophisticated new ways to get past these tools,” said Claudio Guarnieri, Senior Technologist, Amnesty Tech.