Iranian Fake News Websites Exposed

Uploaded on 2019-06-11 in TECHNOLOGY-Key Areas-Social Media, INTELLIGENCE-Hot Spots-Iran, FREE TO VIEW

The Citizen Lab at University of Toronto have released a case study of Endless Mayfly, “an Iran-aligned network of inauthentic websites and online personas used to spread false and divisive information primarily targeting Saudi Arabia, the United States, and Israel.”  Here’s how the “disinformation supply chain” worked:
 
Step 1: Create personas: Endless Mayfly personas establish social media identities that are used to amplify specific narratives and propagate Endless Mayfly content.
 
Step 2: Impersonate established media sites: Using typosquatting and scraped content, sites are created to impersonate established media outlets, such as Haaretz and The Guardian, which then serve as platforms for the inauthentic articles.
 
Step 3: Create inauthentic content: Stories combining false claims and factual content are published on the copycat sites or as user-generated content on third-party sites.
 
Step 4: Amplify inauthentic content: Endless Mayfly personas amplify the content by deploying a range of techniques from tweeting the inauthentic articles to privately messaging journalists. Multiple Iran-aligned websites also propagate content in some instances. In one case, Bot activity was observed on Twitter.
 
Step 5: Deletion and redirection: After achieving a degree of amplification, Endless Mayfly operators deleted the inauthentic articles and redirected the links to the legitimate news sites that they had impersonated. References to the false content would continue to exist online, however, further creating the appearance of a legitimate story, while obscuring its origins.
 
One of the fake articles created was purportedly by The Atlantic. The articles were fake and it wasn’t too hard to tell if you’re a savvy news reader, though that doesn’t mean that some legitimate media outlets weren’t fooled.  WhatsApp has tried to fight the spread of fake news by adding app controls that limit the number of times a message can be forwarded to five. But recently Reuters reported how easy it is to get around those controls: 
 
“WhatsApp clones and software tools that cost as little as $14 are helping Indian digital marketers and political activists bypass anti-spam restrictions set up by the world’s most popular messaging app.”
 
Key Findings
• Endless Mayfly is an Iran-aligned network of inauthentic personas and social media accounts that spreads falsehoods and amplifies narratives critical of Saudi Arabia, the United States, and Israel.
• Endless Mayfly publishes divisive content on websites that impersonate legitimate media outlets. Inauthentic personas are then used to amplify the content into social media conversations. In some cases, these personas also privately and publicly engage journalists, political dissidents, and activists.
• Once Endless Mayfly content achieves social media traction, it is deleted and the links are redirected to the domain being impersonated. This technique creates an appearance of legitimacy, while obscuring the origin of the false narrative. We call this technique “ephemeral disinformation”.
• The investigation identifies cases where Endless Mayfly content led to incorrect media reporting and caused confusion among journalists, and accusations of intentional wrongdoing. Even in cases where stories were later debunked, confusion remained about the intentions and origins behind the stories.
• Despite extensive exposure of Endless Mayfly’s activity by established news outlets and research organisations, the network is still active, albeit with some shifts in tactics.
 
CitizenLab:       NiemanLab:        
 
You Might Also Read:
 
Cognitive Science Can Explain Why Fake News Works:
« Three New Free Cyber First Courses For Students
Ford Cars Employ New AI Systems »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Akin Gump Strauss Hauer & Feld

Akin Gump Strauss Hauer & Feld

Akin is a leading global law firm providing innovative legal services and business solutions to individuals and institutions. Practice areas include Cybersecurity, Privacy and Data Protection.

National Association of State Chief Information Officers (NASCIO)

National Association of State Chief Information Officers (NASCIO)

NASCIO's Cybersecurity Committee focuses helps state CIOs to formulate high-level security and data protection policies and technical controls.

Marvell Technology Group

Marvell Technology Group

Marvell is a semiconductor company providing solutions for storage, processing, networking, security and connectivity.

AFNOR Group

AFNOR Group

AFNOR Group designs and deploys solutions based on voluntary standards around the world and provides services including training, professional and technical information, assessment and certification.

Industry IoT Consortium (IIC)

Industry IoT Consortium (IIC)

The Industry IoT Consortium is the world's leading organization transforming business and society by accelerating the Industrial Internet of Things (IIoT).

Dellfer

Dellfer

Dellfer secures connected cars and other IOT devices through Intrinsic protection, enabling the most sophisticated cybersecurity attacks to be seen instantly and remediated with precision.

Axiomtek

Axiomtek

Axiomtek is a leading design and manufacturing company in the industrial computer and embedded field.

ProSearch Partners

ProSearch Partners

ProSearch Partners are national talent acquisition specialists exclusively focussing on Technology and Digital talent including Cybersecurity, Data Analytics and Execs.

DeFY Security

DeFY Security

DeFY Security is a Cyber Security solutions provider with more than 20 years of experience securing financial institutions, healthcare, manufacturing and retail.

In Fidem

In Fidem

In Fidem specializes in information security management, with a bold approach that views cybersecurity as a springboard to organizational transformation rather than a barrier to innovation.

ST Engineering Antycip

ST Engineering Antycip

ST Engineering Antycip (formerly Antycip Simulation) is Europe’s leading provider of professional grade COTS simulation software, projection & display systems, and related engineering services.

Uptime Institute

Uptime Institute

Uptime Institute is an unbiased advisory organization focused on improving the performance, efficiency, and reliability of business critical infrastructure.

Dotsquares

Dotsquares

Dotsquares leverage the latest web and mobile technologies to build, grow and support your business.

SecAI

SecAI

SecAI is an innovative threat intelligence-driven, and AI-powered vendor aiming at cyber threat detection and response.

SiyanoAV

SiyanoAV

SiyanoAV's range of antivirus products delivers strong protection against various cyber threats, including malware, ransomware, phishing schemes, and beyond.

RySec

RySec

RySec specialize in affordable cybersecurity solutions designed to protect your business from today’s ever-evolving threats.