Netizen Report: Egyptian NGOs Face Rampant Phishing Attacks, Researchers Say

Cartoon by Doaa Eladl via Flickr, Web We Want ( CC BY-SA 2.0)

Global Voices Advocacy's Netizen Report offers an international snapshot of challenges, victories, and emerging trends in Internet rights around the world.

Researchers at the Egyptian Initiative for Personal Rights (EIPR) and the University of Toronto’s Citizen Lab exposed a series of at least 92 phishing attempts targeting the digital communications and data of human rights defenders, lawyers, and activists associated with seven prominent non-governmental organizations in Egypt. The attacks were carried out not through highly sophisticated technical means, but rather using social engineering, where attackers effectively masqueraded either as colleagues and confidants of the NGO workers, or as technology companies seeking account verification.

Among those targeted were EIPR, the Association for Freedom of Thought and Expression, and Nazra for Feminist Studies, all groups that have partnered with Global Voices in the past. EIPR has published their own report on the findings, in Arabic, on their website.

In one example, just hours after women’s rights lawyer Azza Soliman was arrested at her home, her colleagues received a message purporting to share with them a Dropbox file containing her arrest warrant. The message in fact led to a malicious software program that sought to infiltrate their devices.

In other cases, NGO workers received account authentication messages from official-sounding email addresses such as dropbox.noreplay [at] mail.com and fedex_tracking [at] outlook.sa, which in fact were malicious. The report contains a full list of harmful domain names and email addresses found in the study, nearly all of which mimic the names of legitimate services such as Gmail and Dropbox.

These attacks come as no surprise to Egyptian civil society advocates and their allies. They appear to target defendants in the so-called “foreign funding” Case 173, which the Egyptian government filed against several NGO workers in 2011, alleging that they had used foreign grant money to “harm national stability, among other accusations. Despite multiple changes in Egypt’s ruling government, the case has worn on. Since spring 2016, courts have imposed a travel ban and asset freeze on multiple defendants in the case, along with other NGO leaders, strictly limiting their abilities to work or even seek refuge outside of the country.

Mauritanian courts consider death sentence for blogger who criticized caste system

On January 31, Mauritania’s Supreme Court heard the case of blogger Mohamed Cheikh Ould Mkhaitir, who was sentenced to death for publishing an opinion article critical of the use of religion to justify the country’s caste system. Ould Mkhaitir was first arrested in 2014 and was convicted of apostasy by a lower court for using examples from the life of the prophet Muhammad in the piece. The Supreme Court referred his case back to the appeal court for procedural irregularities, a move that does not bode well for Ould Mkahitir, as the appeal court previously confirmed his apostasy conviction and upheld his death sentence.

Criticism of the caste system, which originally included a “slave” caste, remains an incendiary topic in the North African country. In 1981, Mauritania became the last country in the world to abolish slavery, but slavery and related practices of forced labor have nevertheless continued in some parts of the country.

US border agents demand social media data from travelers, journalists

A wave of travelers from the Middle East, including two journalists, have reported that border agents demanded their mobile phones and social media usernames over the past five days. This comes on the heels of Donald Trump’s executive order — which multiple legal experts and scholars say is unconstitutional — temporarily banning citizens of seven predominantly Muslim countries from entering the US.

This practice is not new, nor is it unique to the Trump administration — in June 2016, US Customs and Border Patrol proposed plans to begin asking foreign visitors from visa waiver countries to disclose their social media identities. Since mid-2016, the Council on American-Islamic Relations has documented nine cases of Muslim Americans being asked questions about about their social media accounts, along with questions about their faith and lifestyle, when returning to the US from travel abroad.

As part of an effort to defend the privacy rights of travelers, the Electronic Frontier Foundation is soliciting first-hand accounts from individuals who have been asked for social media information and/or had their electronic devices searched at US borders. See here for further details.

Bitcoin may not solve Venezuela’s currency nightmare

Police in Venezuela arrested four bitcoin miners for allegedly affecting the stability of the nation’s electricity supply. The group ran 300 computers in order to mine bitcoins and sell them online, an effort that essentially converts the value of electricity into currency. Bitcoin mining has become an increasingly popular – if dangerous – venture in Venezuela, which has experienced extreme economic instability, with national currency inflation at rates of 50% and higher since 2014.

Myanmar journalists push back against defamation law

Journalists in Myanmar are opposing the use of the 2013 Telecommunications Law by authorities, who have used it to file defamation charges against their critics. Forty-eight defamation cases have been heard since the law was passed, with 29 arrests in the last year alone. The law penalizes the use of a “telecommunication network to extort, threaten, obstruct, defame, disturb, inappropriately influence, or intimidate” with three years in prison and a fine. Prominent Myanmar human rights Lawyer Robert San Aung has spoken out against the law, arguing that it is “not appropriate that a citizen who criticizes someone more powerful should face legal action of this kind.”

Anti-gay and looking for a vacation spot? There’s an app for that (in Russia)

A new Russian website called MyLinker claims to provide AirBnB-style options for homophobes, thus evading policies issued by AirBnB that are intended to prevent discrimination. Among other problems with the site is a set of highly questionable methods for measuring the number of LGBT people in a city (on the basis of searches for certain types of pornography) and incredibly offensive rhetoric. A Change.org petition is calling on Russian authorities to ban the site for its discriminatory practices.

New Research

Subscribe to the Netizen Report by email

 

Afef Abrougui, Ellery Roberts Biddle, Marianne Diaz and Sarah Myers West contributed to this report.

1 comment

Join the conversation

Authors, please log in »

Guidelines

  • All comments are reviewed by a moderator. Do not submit your comment more than once or it may be identified as spam.
  • Please treat others with respect. Comments containing hate speech, obscenity, and personal attacks will not be approved.