In June 2018 an Amnesty International employee received a suspicious WhatsApp message inviting them to cover a Saudi Arabian protest. The message contained links carrying mobile spyware. They resembled WhatsApp messages sent to other Saudi activists abroad.
The link at the end of these messages have been traced to a network of over 600 domain names. Amnesty International traced the network to the spyware Pegasus developed by NSO Group. NSO Group has said they provide governments with this technology to “combat terror and prevent crime.”
NSO Group has called these messages“Enhanced Social Engineering Messages” or ESEM.
Clicking on that link would have given attackers access to the victim’s phone and date trail. If it is Pegasus it would have allowed the hackers to listen to phone calls, read text messages, access passwords, and geolocate the user.
What’s there to learn?
The malicious software, like SamSam, targeted institutions and individuals who seem especially vulnerable.. Although this played out on an international scale there are basic principles that are important to recognize.
The Amnesty International employee recognized this attack as phishing. Whenever you receive information from an unidentified sender don’t click on an embedded link!
- Get McAfee Total Protection. This McAfee package can protect 5 devices, including your cellphone and tablet, from spam and it encrypts your data. Get a discount on it here!
- Use a VPN to ensure no one can spy on your Internet activity. NordVPN encrypt the data you send and receive so it’s difficult to intercept.
- Run a FixMeStick scan to ensure no snooping malware has been installed on your computer. Make sure your files and memories are safe.
Subscribe to our FixMeStick newsletter here to keep up with the latest updates.