Decoding Deception: How to Spot Scammy Cybersecurity Accounts and Fake Influencers
Today there is an abundance of information online, and cybersecurity is no exception. However, not all of this information is created equal.
For simplicity’s sake, we can say that online educators and accounts can be placed into 3 different categories: Deceivers, Overstaters, and Educators.
Let’s briefly go over these 3 categories and then get into a specific example that transpired over the weekend.
Deceivers
These are the outright scammers in the Cybersecurity space. They intentionally mislead newcomers with false information, promising quick results or exclusive access to knowledge behind a paywall, all with the sole aim of profiting at the expense of their students (victims). They often lack any verifiable track record in the field, and their primary focus is on making a quick buck rather than providing any real value or education.
Some signs that you may have encountered one of these (not an exhaustive list):
lack of a verifiable track record
anonymous account
slogans emphasizing amount of money you will make
If someone prefers to be anonymous, that is not an issue here on its own. They might have published articles or blogs under an alias, or YouTube videos. They are still contributing and giving back. However, the combination of anonymity and no trace of their work should raise some eyebrows.
Additionally, Deceivers often use slogans or marketing-heavy wording that emphasizes the amount of money you can make by joining their program, making buzzword salads of slogans. Something like “0 to 100k in 2 months” or “90K in 90 days” should raise some flags (TikTok would like a word). No one can guarantee you a dollar amount with 100% certainty, and at the end of the day your first role in the field may or may not be in that range.
Overstaters
This group consists of those who create content geared towards helping people learn. They are more truth-stretchers who, while not outright scammers, tend to overstate their claims or overcharge for their content. They may have some useful information to share, but they often exaggerate their success or the value of their offerings.
A practical example: their course is helpful, but most of what it covers can be found for free. Or they are a Security Analyst in practice but claim to be a “Senior Security Engineer”. The differences here are significant in most companies, and I can go over these in a later post. These overstatements will entice more people to join their community or to learn from them, since they will be perceived as more experienced in the field.
I want to state again: they are usually trying to help people learn; it is just that their approach is not always the best.
This category is sort of a middle ground and, generally speaking, you will find accounts are in one of the two other categories.
Educators
These are the legitimate accounts and people who are genuinely committed to helping newcomers navigate the Cybersecurity landscape. They offer a wealth of free educational content, fostering a community where learning and growth are prioritized.
While they may offer a paid option, these are typically specialized resources that provide additional value beyond their free content. They are transparent about their credentials and their intentions, and their primary goal is to educate and empower, rather than to profit from high-pressure sales tactics.
I will make a future post with a few examples of online educators you can learn from.
Now that we went over what categories accounts fall under, let’s talk about a recent development.
Case Study: A Deceiver
Recently, there was an account that caught fire and was outed as a Deceiver: BowTiedCyber.
All operations are ceased as of the time of this writing.
A thorough thread was excellently written by @notshenetworks 👏: https://twitter.com/notshenetworks/status/1686070016741949454?s=20
It goes over the ins and outs of how they were preying on newcomers and how they were exposed.
Excerpt from a near-victim:
https://twitter.com/AdvocateMyles/status/1685746041533145088?s=20
Excerpt #2:
https://twitter.com/AdvocateMyles/status/1685746873389416448?s=20
This scammer account unfortunately was targeting those who are trying to learn about Cybersecurity and don’t yet have a lot of knowledge in the field. This is a pattern you will see from a lot of these accounts.
One of the things I personally found to be utterly ridiculous was the price tag for the Discord.
Anybody asking you for $500 for access to a Discord is not trying to help you; they are helping themselves to your wallet. Do not let them.
In a nutshell, the model they operate on is: target newcomers with limited knowledge BUT eager to learn, and charge them a hefty dollar to teach them. The kicker is that most of what they will teach can be found online for free or for a much more affordable price. Even worse, sometimes these accounts will copy others’ free resources, slap their logo on them and pass them off as their own to profit from.
Going into the BowTiedCyber Substack...
You can see the emphasis is on the money that the participants can make. There is no way to verify these claims, and at the end of the day it just takes a newcomer to fall for this to keep the operation going.
This gives you an overview of the tactics used by those that fall under the “Deceiver” category.
Conclusion
Remember, if something seems too good to be true, it probably is.
Those who fell for this cannot be blamed, as most of the time they do not yet know how to spot phishing, scams, and operations like these. Hopefully, by pointing out some of the telltale signs and looking at an example, more people can be better equipped to protect themselves online.
When you are considering engaging with a Cybersecurity account, or any educational account for that matter, do your due diligence: research extensively, and consider seeking advice from trusted sources or someone you know in the Cybersecurity field.
I hope this helps you in your journey into Cybersecurity.