Surveillance and Activism
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
SURVEILLANCE AND ACTIVISM:
PREVENTING DIGITAL ATTACKS
In October 2016, Rasul Jafarov received an unexpected phone call. As Amnesty
International’s investigation later found, someone was pretending to be him in order to
deliver phishing attacks to human rights defenders…
RASUL JAFAROV
Prominent lawyer,
human rights
defender, former
prisoner of
conscience
• August 2014: Detained on trumped up charges in
Azerbaijan
• July 2015: Sentenced to more than six years in prison
• 17 March 2016: European Court of Human Rights
ruled Rasul’s pre-trial detention violated his
• Same day: Rasul was pardoned and released
• To date: Rasul continues his imporant human rights
work,calling for transparency, accountability and justice
Hi Rasul, I received an
e-mail from someone
claiming to be you, but
this is not your e-mail
address…
Someone is
impersonating
me. Others have
received fake
e-mails too…
From: Rasul Jafarov<rasuljafarov1@gmail.com>
To:
Cc:
Subject: Political prisoner list
Friends,
I would like you to be acquanited with the latest list, please confirm receipt.
The-Political-Prisoner-List.docx
<Link To Download Attachment Containing Real Document And Spyware>
USERNAME AND PASSWORD
ARE STOLEN AND ATTACKERS
CAN NOW ACCESS YOUR
EMAIL ACCOUNT
ATTACKER
FROM: Rasul Jafarov <rasuljafarov1@gmail.com>
We pretended to be Rasul
and sent fake e-mails to targets. Once
the targets open the aachment, they will
download a document and, unknown to
them, install our spyware
on their devices.
So they will not know
about the spyware?
Correct. We can use it to take
screenshots of their computers.
Private messages, photos, work and
personal info, we can see it all.
What else can our
spyware do?
It installs a keylogger. We can see
everything that they type on their
keyboard. Passwords, personal
information, the text of encrypted
messages, we will see it all.
DIGITAL ATTACKS
Excellent. Today we impersonated
Rasul Jafarov. Tomorrow let’s pose as
another human rights defender…
PROTECT YOUR INFORMATION!
1
CHECK WHO THE SENDER IS: Always check who sent the message.
Be cautious if you do not recognize the sender.
<attacker1@gmail.com>
From:
To:
Cc:
Subject:
Human Rights Commission
HOVER CURSOR OVER THE LINK
2
CHECK WITH THE ALLEGED SENDER:
Contact the alleged sender using a different
communications service, for example by
phone, to see whether they actually sent it.
This is not my e-mail address and
I did not send you that message…
3
IF IN DOUBT, DO NOT OPEN LINK: If the link seems real, do not
open it or download anything unless you are certain that a trusted
contact sent it to you.
Link to open this invite? But I
know this event is not real…
Click link to open an
invitation to the US embassy
OPEN
To read Amnesty International’s report in full, please see:
https://bit.ly/2hDmOZ0