Online harassment - Online Cyber Security News

Ever since the creation of online chat rooms and then social networking, people have changed the way they interact with their friends and associates.

However, when it comes to anonymous chatting services, you don't even know what kinds of individuals you are dealing with.

Sharing identifiable information about yourself with them could put you at risk of becoming a victim of stalking, harassment, identity theft, webcam blackmail, and even phishing scams.

Have you heard of Omegle? The popular, free online anonymous chat service that allows you to chat with random strangers, without any registration. The service randomly pairs you in one-on-one chat window where you can chat anonymously over text or webcam.

But, are your chats actually Anonymous?

No, all your chats are recorded and saved by the service. So, if you have shared your personal details such as your name, phone number, or email address, with anyone over the service, you are no more anonymous.

Even the website describes its service as, "When you use Omegle, we pick someone else at random and let you talk one-on-one. To help you stay safe, chats are anonymous unless you tell someone who you are (not suggested!), and you can stop a chat at any time."

And here comes the worst part:

The recorded online conversations are saved in such a way that anyone with a little knowledge of hacking can pilfer them, revealing your personal information along with those dirty chats that could be used to harass or blackmail you.

Indrajeet Bhuyan (@Indrajeet_b), a young Indian bug hunter, has shown The Hacker News that how Omegle is saving screenshots of every 'so-called' anonymous chat session at a specific location on their web server, which could be downloaded by anyone with little knowledge of website structure.

Bhuyan wrote a simple python script, Omegle-Chat-Hack, that automatically downloads the saved screenshots from the website.

As a proof-of-concept, he also published some of those screenshots, showing how easily people, especially teenagers, share their personal details and contact info with strangers on a service, where they are supposed to stay anonymous.

"People on Omegle often think their chats are private and automatically get deleted once they disconnect from the conversation," Bhuyan told me. "Due to this false sense of security, people often share their sensitive information on the service. Omegle-Chat-Hack is a tool that demonstrates how insecure these online chat services are and how one can read your private messages sent over the service."

So, you should be careful with what identifiable information you are sharing over such online service while chatting with strangers. The more personal information you share, the more chances there are for others to misuse your information.

Frankly, you should take your online privacy very seriously.

Online harassment has been elevated a step with the advent of popular social networks like Facebook.

Cyber stalkers create fake profiles impersonating other Facebook users and start doing activities on their behalf until and unless the owners notice the fake profiles and manually report it to Facebook.

Even in some cases, cyber stalkers block the Facebook account holders whom they impersonate in order to carry out mischievous tasks through fake profiles without being detected by the actual account holders.

But now, online criminals can no longer fool anyone with impersonation method, as Facebook is currently working on a feature that automatically informs its 1.6 Billion user base about the cloned accounts.

If the company detects a duplicate Facebook account of a user, it will automatically send an alert to the original account holder, who'll be prompted to identify if the profile in question is indeed a fake profile impersonating you or if it actually belongs to someone else.

How would Facebook identify the Clone Profiles?

The new feature would reportedly inform Facebook users about their cloned accounts when it finds a perfect match of both profile pictures and profile names.

However, it seems like Facebook would use its one of the world's best face recognition technologies to identify users' fake profiles.

While uploading a group pic of you with your friends, you might have noticed how Facebook automatically detects your friend's face and suggests the correct names without manually feeding into it.

This face recognition technology could be utilized by Facebook's new feature that eliminates the chance of profile duplication and ends up the doppelganger business.

Here you might be thinking that if 2 accounts are made identical, then how would Facebook identify the legit user? Right?

This difference would be decided by Facebook's core security team by analyzing and comparing the user's activities and date of account creation.

But one question still remains in my head:

If Facebook identifies the difference on the basis of account creation, then What if someone creates a fake profile of a user, who hasn't joined the network yet?

Okay, if Facebook cannot stop this, as the company can not compare the fake user to the original user, who doesn’t exist on its platform.

But what if the user joins the network later? Then in this case, Facebook would notify to whom? The stalker who owns the fake profile, as it was created first?

I have already reached out to Facebook for a comment and will update the article as soon as I get to hear from it.

Why is Impersonation Dangerous?

According to the Facebook Head of Global Safety Antigone Davis, impersonation is a source of harassment, particularly for women, on the social media platform, despite Facebook's longstanding policy against it.

"We heard feedback [before] the roundtables and also at the roundtables that this was a point of concern for women," Davis told Mashable. "It's a real point of concern for some women in certain regions of the world where [impersonation] may have certain cultural or social ramifications."

We have seen a plethora of impersonation examples spanning around the Facebook case studies.

the Impersonation is a tool in the sextortionist's bag.

Threatening to use women's photos to associate them with prostitution was one trick used by Michael C. Ford, the former US Embassy worker who was sentenced to nearly 5 years in jail after pleading guilty to sextorting, phishing, breaking into email accounts, stealing explicit images and cyberstalking hundreds of women around the world.

Facebook's new security measure would also give a degree of trust to women who are stepping back to upload their real images on the platform due to the fear of impersonation.

Facebook has already introduced this new feature to 75% of the World, including India, Brazil, some South American countries and South East Asian zones, where the usage of the social network is prevalent. The feature will be rolled out in November for the rest of the world.

Features Yet to Release!

Parallely, Facebook is also working on similar two technologies which report non-consensual intimate images and a Photo Checkup feature.

Non-consensual intimate images reporting facilitates the user to report any nudity in the Facebook and additionally it also avails the option to identify themselves as the subject of the photo (if so).

The Photo Checkup feature is similar to Facebook's Privacy Dinosaur, which helped users check their privacy settings such as profile info, status info and which apps have the access to the accounts in a single popup window.

Likewise, Photo Checkup is exclusively dedicated to figuring out: Who can view your photos and who cannot!

Facebook is rolling out many security-centric features, which bolsters the security and privacy of User Information in the virtual world.