Femme fatale Mia Ash is honeytrap to steal your secrets, by Mark Bridge.
Mia Ash is an attractive 29-year-old freelance photographer living in London who listens to indie music and adores social media.
She’s a bit of a hipster, having studied at Goldsmiths, University of London, and previously worked at the Clapham Picturehouse, and she is in the market for romance. Ms Ash, who hails from Great Wyrley in Staffordshire, often sports a sexy bob rather like Audrey Tautou’s in the film Amélie.
She doesn’t go for creative professionals but has a thing for older men in senior roles in the energy, IT and aerospace industries.
The trouble is, she doesn’t exist. In reality, hers is a detailed fake persona, a honeytrap conceived to steal confidential information. …
The scheme successfully lured senior figures in sensitive industries in the US, Israel, India and Saudi Arabia to reveal confidential data. Mia also planted snooping software on their companies’ computer networks to harvest data before the sting unravelled in February. …
Example:
An employee with an interest in photography had been communicating with a British “admirer” for more than a month.
The staffer had been flattered when Mia approached him on LinkedIn with questions about their mutual passion. Soon they were friends on Facebook, where they flirted and chatted frankly about their work and hobbies.
Her accounts on Facebook, Instagram, LinkedIn and Blogger showed that she was friends with prominent photographers, so was clearly the real deal.
And her relationship status was “it’s complicated” — signalling availability. All in all, it felt like the beginning of something special.
One day she asked if her special friend could do her a favour. She needed feedback for a photography survey. It was simply a case of completing an Excel spreadsheet.
He would have to complete it on his office computer otherwise the technology would sometimes play up. Such a faff, she admitted, but she would be so grateful.
And he fell for it hook, line and sinker. Once he clicked, the attachment promptly tried to install malware on to the computer, which would enable hackers to infiltrate the network. …
Her creation:
The investigation revealed that Mia Ash’s persona had been crafted for almost a year, and her handlers had spent months befriending real photographers online to give the trap greater credibility.
The numerous photos posted of Ms Ash were lifted from the social media accounts of a Romanian student and blogger and her CV details and regular status updates were influenced by genuine LinkedIn profiles of creative professionals.
