This person does not exist or does he!

Hello there let’s start with a simple question, Do you know any of these people?

Ok, the answer is you don’t no one does. Because none of them is real, They all generated from this website: thispersondoesnotexist a machine learning project for creating fake people which uses a generative adversarial network, also known as GAN’s, here is a good article to know more about it.

Well ok, what’s with the title why this is such a big deal and creepy, Because it’s more than that, This is just the beginning of something deeper and deeper than you think, those pictures are just the start, well for you maybe they are just faces generated using artificial intelligence but those faces play a bigger role when they misused by the wrong people.

You may have received a message on social media or LinkedIn from someone that looks legit with a couple of friends and a good job looks normal to you but have you wondered if that person is real or, what is his attention toward you.

So let’s take a deeper dive into this matter and how could all of this be related, let’s start with The Sock Puppets,

What is Sock Puppets?

From the Oxford dictionary: “A false online identity, typically created by a person or group in order to promote their own opinions or views “ well this sound interesting and there a lot of good article out there that explain it in-depth, for example, my favorite one which is “Getting in Bed with Robin sage“ by “Thomas Ryan” from BlackHat 2010 which explained a lot how people could be manipulated and convinced easily now a day on the internet and talk to people providing there information’s to unknown people for let’s say “their own reasons!”

Well this brings as to the next part which is

Social engineering:

All of this leads to one goal, how to get peoples information’s or how to pwn people for further exploits, or extortion.

Well, the most common type of attacks in social engineering is phishing:

Let’s get some statistics:

1) 55% of all emails are spam according to (Symantec)

2) Only about 3% of malware tries to exploit an exclusively technical flaw. The other 97% instead targets users through social engineering (KnowBe4)

3) 91% of attacks by sophisticated cybercriminals start through email (Mimecast)

Now let’s get back to where we started with fake identities these stats show the huge impact of social engineering attacks in cybersecurity and the most vulnerable part is human error being the top cause of data breaches which could be intentional or unintentional.

Fake identities play a big role in this aspect after you have been exposing your information:

Where you work what you do and more this information could be your downfall for you and your company and more.

Fake identity or FOT (Fake of things) has been there forever and its purpose actually depending on the person behind it, but now it’s stronger and harder to spot than before why? because of the evolution of technologies nowadays.

If you ask someone how to spot if someone is fake well first thing that could come to his mind to google them, why because we google everything what if you found a lot of info about that person does that mean his legit well if that’s the case, I will tell you wrong,

If someone going to create a fake identity using all of this you think he will leave you something to catch them well think again.

There is a couple of ways to spot this person which bring us to our next section:

OSINT:

What is OSINT?

Open-Source Intelligence (OSINT) is data collected from publicly available sources to be used in an intelligence context

First Open does not mean free and it is not related to open-source software. Open references to overt — not covert.

Next Information is everywhere — where?

* the internet (surface web-DeepWeb-DarkWeb)

* traditional mass media (e.g television,newspaper,radio)

* Books, journals, Conferences, Annual Reports, Publications,

Profiles, Stickers(Baby on Board example)

* Photo/ Video metadata

* GeoInformation

How to spot FOT :

login times

IP addresses

Location example :(geosocialfootprint.com)

Image check example :(tineye.com)

let’s start with one of the pictures we generated earlier

Now let’s try with someone famous

Conclusion:

In the end, I made this article for educational purposes and to raise awareness about the threats we facing today and how we may get exploited I hope you like it and found this article informative and useful.

Resources:

Where you can find me :

LinkedIn

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Mohamed smidi

Mohamed smidi

Cyber Security Engineer | Researcher