The recent compromise of one of the South African Parliament's YouTube accounts, to promote a fraudulent "$Ramaphosa" crypto-currency token, underscores the insidious nature of scammers impersonating trusted figures or institutions and abusing their public currency: trust.
This is according to Anna Collard, SVP, content strategy and evangelist at KnowBe4 Africa, who adds that the speed with which the "$Ramaphosa" token was created and promoted via the hacked accounts suggests a well-orchestrated and financially motivated operation.
ITWeb quoted Parliament spokesperson Moloto Mothapo, who said: “This breach resulted in the unauthorised upload of content not aligned with the work of the institution. We have identified a security breach affecting one of Parliament’s 25 YouTube streaming services, which is integrated with its official social media accounts.”
Collard explains: “One breach can quickly become a trust multiplier, where criminals hijack an authoritative source to spread fraudulent schemes to a vast audience.”
This incident is also not an isolated event, Collard adds. “Cyber criminals have increasingly exploited the credibility of public figures and institutions to deceive the public. By impersonating celebrities and reputable organisations, they manipulate trust to fuel financial scams.”
With deepfake technology, these tactics are becoming more deceptive than ever, says the KnowBe4 executive.
Fraudsters have used AI-generated deepfakes of Elon Musk, Jeff Bezos and Warren Buffett to promote bogus crypto investments.
KnowBe4 referenced a report by The Guardian on how cyber criminals have been using impersonated versions of influencers and celebrities, including money expert Martin Lewis and radio DJ Zoe Ball, to dupe thousands of victims worldwide.
The company advises consumers and content creators to remain vigilant and take steps to strengthen protection.
Consumers are advised to verify sources, be sceptical of celebrity endorsements and educate themselves on social engineering tactics.
YouTube channel owners and organisations should combine strong passwords with multifactor authentication, set up alerts for unusual logins or changes and act immediately if anything suspicious appears.
“If a breach happens, transparency is key – immediately inform your subscribers to prevent them from falling for scams in your name,” Collard adds.
With the increasing use of AI-powered deception, both individuals and institutions must adopt a zero-trust mindset – assuming that no digital interaction is inherently trustworthy until verified.
Cyber criminals prey on trust – whether by hijacking government social media accounts, impersonating public figures or deploying deepfake scams. The Parliament hack is a case study in how bad actors weaponise credibility to spread financial fraud.
Share