OVERVIEW
The Pakistani community in southern China faces unique cybersecurity challenges: cross-border communication apps, multilingual phishing campaigns, and increasing exposure to AI-generated disinformation targeting diaspora groups. Most awareness materials are either too generic or not available in accessible formats for this community.
This invited webinar was organized by the Consulate General of Pakistan, Guangzhou, to bridge that gap. We covered practical threat models relevant to everyday users, phishing, identity theft, online scams, data bleed, and safe practices for digital life. The session was delivered in English with live demonstrations of threat detection and interactive Q&A.
EVENT POSTER
Fig. 1 — Official event poster. Topics: Phishing, Identity Safety, Data Bleed, Online Scams. Organized by Consulate General of Pakistan, Guangzhou, China. Tuesday, March 31, 2026, 2:00–3:00 PM CST.
SLIDES
MUHAMMAD AHMAD AMIN, Ph.D.
School of Cyber Science and Technology, Sun Yat-sen University, Shenzhen, China
March 31, 2026
MUHAMMAD AHMAD AMIN, Ph.D.
Postdoctoral Fellow at School of Cyber Science and Technology, Sun Yat-sen University, Shenzhen, China.
Born and raised in Faisalabad, Pakistan; living in Guangzhou/Shenzhen, China since 2016.
Publications & Patents
Published multiple peer-reviewed papers in top-tier journals and conferences in the fields of multimedia forensics, deepfake detection, and biometric security.
Holds patents related to machine learning-based security systems and multimedia authentication methods.
Projects & Awards
Research collaborations spanning across multiple continents and institutions, fostering international cooperation in cybersecurity and multimedia forensics.
USA
UK
France
China
China
China
Australia
Australia
Understanding the digital environment we live in
The virtual environment created by interconnected digital devices, networks, and the internet. A global domain where information is stored, shared, and processed electronically. A space where digital communication and interaction occur.
Hardware, servers, cables, routers, data centers
Operating systems, applications, cloud services
TCP/IP, LANs, WANs, wireless networks
Users, human decision-making, social engineering targets
Data, digital assets, intellectual property
— U.S. Department of Defense
Physical Domain
Hardware components: servers, computers, cables, routers, data centers, and physical infrastructure that form the backbone of cyberspace.
Software Domain
Operating systems, applications, programs, and cloud services that run on physical hardware and enable digital functionality.
Network Domain
Internet protocols (TCP/IP), LANs, WANs, wireless networks, and communication infrastructure connecting devices globally.
— U.S. Department of Defense
Cognitive / Human Domain
Information Domain
Three-Layer Model
Hardware and geography
Software and network
Users and human interactions
— AcqNotes
Protecting our digital lives
The practice of protecting systems, networks, programs, and data from digital attacks. Measures taken to defend against unauthorized access, cyber threats, and data breaches. Encompasses technologies, processes, and practices designed to safeguard digital assets.
Firewalls, encryption, antivirus, intrusion detection
Security policies, incident response, risk management
User training, access controls, regular audits
Security awareness, human firewall, vigilance
— NIST
Sensitive information compromised, reputational damage, potential legal consequences
Exposes intellectual property, violation of NDAs, loss of client trust
Multiple projects affected, files deleted/tampered, company-wide credential reset
Direct theft, ransomware payments, recovery costs, regulatory fines
Safeguards banking info, passwords, prevents identity theft, protects medical/financial records.
Protects online banking, prevents unauthorized purchases, secures credit cards and transactions.
Shields from malware, prevents ransomware, protects against spyware and viruses.
Controls access to personal info, protects digital communications, maintains confidentiality.
— NIST, Fortinet, IBM
The three foundational principles of information security that guide cybersecurity practices worldwide.
— Fortinet, TechTarget, SecurityScorecard
Know your enemy to protect yourself
Social engineering attack impersonating trusted source. 90% of breaches in 2026.
Unauthorized access or exposure of sensitive information.
Viruses or programs designed to damage or give unauthorized access.
AI-generated fake audio/video. 3,000% increase in fraud attempts.
Compromised devices controlled for malicious tasks.
Manipulation of people into breaking security procedures.
Records user actions, collects personal/financial info (SINs, bank accounts, credit cards).
Gains access via drive-by download, installs Trojan, operator controls device remotely.
Exploits weakness/bugs, motivated by mischief, vandalism, or ideological reasons.
Demands payment to regain access, uses OS hijacking or encryption to lock data.
AI advancement has made attacks more sophisticated. Attackers now leverage machine learning to create more convincing phishing emails, bypass traditional security measures, and automate large-scale attacks.
A type of Social Engineering which attempts to acquire sensitive information (usernames, passwords, financial details) by pretending to be a trusted contact or company. Emails appear to come from social websites, banks, delivery companies, or business partners.
Fake login pages for Facebook, Instagram, LinkedIn
Fake banking alerts and account verification requests
Fake shipping notifications and tracking links
Fake invoices and payment requests
— IBM
— CISA, Keepnet, AAG IT Support
Targeted email at specific individual/department appearing from trusted source. Uses similar domain names easy to overlook. Targets C-level or finance department. Requires reconnaissance.
Characteristics
Delivery Methods
65% of attacker groups used spear phishing as the primary infection vector.
— Symantec
Always verify the sender's email address. Legitimate companies use their official domain. Check for subtle misspellings or extra characters.
Warning signs: Fake security badges at the bottom, requests for excessive personal information, slightly altered logos, and URLs that don't match the official domain.
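The sender-domain check described above can be automated. The following is an added example, not part of the original slides; the allow-list, the substitution table and the sample headers are constructed for illustration.

```python
import unicodedata
from email.utils import parseaddr

# Constructed allow-list (assumption): the domains you actually deal with.
OFFICIAL_DOMAINS = {"microsoft.com", "paypal.com"}

# Characters commonly swapped in to imitate a Latin letter (not exhaustive).
CONFUSABLES = str.maketrans({
    "0": "o", "1": "l", "3": "e", "5": "s",
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0456": "i",  # Cyrillic
})


def fold(domain):
    """Map a domain to the string a hurried reader would 'see'."""
    text = unicodedata.normalize("NFKC", domain).lower().translate(CONFUSABLES)
    return text.replace("rn", "m").replace("vv", "w")


def edit_distance(a, b):
    """Levenshtein distance: catches one missing or extra character."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def sender_domain(from_header):
    """Extract the domain from a From: header, ignoring the display name."""
    _, address = parseaddr(from_header)
    if "@" not in address:
        return ""
    return address.rpartition("@")[2].lower().rstrip(".")


def classify_sender(from_header):
    """Return 'official', 'lookalike', 'unknown' or 'invalid'."""
    domain = sender_domain(from_header)
    if not domain:
        return "invalid"
    if any(domain == d or domain.endswith("." + d) for d in OFFICIAL_DOMAINS):
        return "official"
    seen = fold(domain)
    for official in OFFICIAL_DOMAINS:
        brand = official.split(".")[0]
        # Brand name inside a foreign domain, or a one-character misspelling.
        if brand in seen or edit_distance(seen, official) <= 1:
            return "lookalike"
    return "unknown"


if __name__ == "__main__":
    for header in ["Microsoft <security@micros0ft.com>",      # constructed
                   "Microsoft <no-reply@account.microsoft.com>"]:
        print(f"{classify_sender(header):9}  {header}")
```

The display name plays no part in the verdict, which is the point of the slide: only the domain after the `@` is compared.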
Phone number: 1-800-555-0199 — Microsoft will NEVER call you unsolicited. Never call numbers from pop-up warnings.
Unknown number sends link to 'your-tax-refund.com' claiming $615 refund. Government agencies never send refunds via SMS links.
Email offering complimentary beverage with QR code to scan. QR codes can redirect to malicious sites. Always verify offers through official apps.
Rule of thumb: If it seems too good to be true, it probably is. Verify all offers through official channels, not links in messages.
Malware is short for malicious software and is typically used as a catch-all term to refer to any software designed to cause damage to a single computer, server, or computer network.
Self-replicating code that attaches to programs
Disguised as legitimate software
Encrypts data and demands payment
Hides deep in the system
Infects the boot process
Self-spreading across networks
— Microsoft
Attach to legitimate programs and spread when executed. Require human action to activate.
Masquerade as useful software. Create backdoors for attackers to access your system.
Encrypt files and demand ransom. Average cost $5.08M per incident.
Grant administrator-level access while hiding their presence from detection.
Infect the master boot record. Load before the operating system starts.
Self-replicate across networks without user interaction. Exploit vulnerabilities.
Latest and most advanced threat. Deepfake techniques enable creation of convincing fake texts, emails, voice clones, facial images, and videos by replacing real content with synthetic counterparts indistinguishable to human eyes and ears.
What Can Be Faked
Why It's Dangerous
Beneficial Aspects
Malicious Impacts
David Beckham Malaria Campaign: Used deepfake technology to raise awareness by having the football star speak in multiple languages, reaching broader audiences for a good cause.
Deepfake President Zelensky: A deepfake video of the Ukrainian president calling for surrender was circulated to spread misinformation and demoralize troops during conflict.
Dual-use nature: The same technology that can educate and entertain can also deceive and harm. Awareness is the first line of defense.
Deepfake fraud attempts increased 3,000% in 2023, 2,137% over the last 3 years. Generative AI fraud losses projected: $12.3B (2023) → $40B by 2027 (32% annual growth).
— theconversation.com, nbcnews.com, Keepnet
A finance worker at Arup was tricked into wiring $25 million due to a deepfake video conference call. The worker believed they were in a video call with the company's CFO and other executives, but all participants were deepfakes.
Attacker gathered public videos of executives from past conferences
Created deepfake models of CFO and other executives
Initiated video call with convincing fake participants
Convinced employee to authorize urgent wire transfer
— CNN
Deepfake itself isn't phishing, but it can be used in phishing scams. These scams trick people by creating very realistic videos or audio clips with AI.
Creates highly convincing fake content that bypasses human skepticism.
Exploits emotional triggers and urgency to bypass rational thinking.
Evades email filters and link scanners that can't analyze video/audio content.
Leverages trust in familiar voices and faces to lower defenses.
Can target many victims simultaneously with personalized content.
Tools are increasingly cheap and easy to use, lowering the barrier to entry.
Attack Vectors
Sources for Training Data
Your public data is their training data. Everything you post online can be used to create a convincing deepfake of you. Limit your digital exposure.
— University of Maryland, IBM, Cybersecurity Ventures
External Attackers (70%)
Insider Threats (30%)
— Verizon DBIR
— University of Maryland study
— IBM
— IBM
Global cybercrime cost: $10.5 trillion annually by 2025. US reported losses: $16.6 billion (2024). Generative AI fraud losses projected: $12.3B (2023) → $40B by 2027 (32% annual growth).
— IBM, DeepStrike, FBI IC3 Report
Understanding and controlling your online presence
Everything you do online leaves a trace. Two types: Active (intentional posts) and Passive (tracked data). Digital footprints are permanent and searchable.
Active Footprint
Passive Footprint
— NIST, CISA
Control What You Share
Manage Search Engine Presence
— CISA, FTC, NIST, StaySafeOnline.org
Browser and Device Hygiene
Account Management
— CISA, FTC, NIST, StaySafeOnline.org
— CISA, NIST, StaySafeOnline.org
Practical steps to stay secure
Top tips to avoid the three most common threats: Phishing, Malware, and Data Breaches. Three main categories of protection needed for every user.
Recognize fake emails, verify senders, avoid suspicious links and attachments.
Keep software updated, use antivirus, avoid untrusted downloads.
Secure accounts, use strong passwords, enable MFA, monitor for leaks.
Be on the lookout for these warning signs in every email and message you receive:
But verify the actual sender domain, not just the logo
"Dear Customer" instead of your actual name
Hover before clicking to see the actual destination
Never open attachments from unknown senders
"Act now or your account will be closed"
Gift cards, personal info, password resets you didn't request
Software Security
Data Management
NIST 800-63(b) standard for password security. Following these guidelines dramatically reduces the risk of account compromise.
MFA is an additional layer of security offering greater protection against hackers. MFA for ALL users. Authenticates with multiple factors:
MFA Options: Geofiltering, Single Sign-On (SSO), CAPTCHA, One-time password (OTP)
People are the first and last line of defense. Awareness and vigilance matter most.
Use unique, strong passwords. Never reuse. Consider a password manager.
Use secure networks, avoid public WiFi for sensitive tasks, verify network names.
Block malicious sites, use DNS filtering, keep browsers updated.
One in ten serious security breaches are caused by careless or uninformed employees.
— Kaspersky
Employees reuse a password an average of 13 times. — LastPass. Using a password manager is the single most effective step you can take.
Recommended Password Managers
If Not Using a Manager
elephant
elephant1
elephant1!
Elephant1!
Never use your name. Simple substitutions are easily cracked by computers in fractions of a second.
Correct-Horse-Battery-Staple!47
Use a password manager to generate random passwords for each app, website, or service.
elephant1! → elephant2@
elephant3# → elephant4$
Simple sequential variations are also easily cracked. Computers can try all alternative options in fractions of a second.
7xK#mP9$vL2@qR5!
32 symbols on keyboard would take a human 5 minutes; computers do it instantly. Use truly random passwords.
Passwords are sometimes extracted from breaches. Attackers can then try all variations of your password base very quickly.
Password stolen was a name. Website requires 8 characters + 1 symbol. 32 symbols on keyboard (human: 5 minutes to try). Computers carry out these tasks in fractions of a second.
Never reuse passwords across sites. One breach can compromise all your accounts if you reuse passwords.
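A password-change check that rejects the "same base, new suffix" pattern shown in the elephant examples above. This is an added example, not part of the original slides; the breached-base list and the substitution table are constructed assumptions.

```python
import string

# Constructed sample of base words recovered from a breach (assumption).
BREACHED_BASES = {"elephant", "password", "ahmad"}

# Simple character substitutions undone before comparison (not exhaustive).
SUBSTITUTIONS = str.maketrans({
    "0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "7": "t",
    "@": "a", "$": "s", "!": "i",
})

_DECORATION = string.digits + string.punctuation


def base_word(password):
    """Reduce a password to the base that variation rules would start from.

    Case is ignored, leading and trailing digits/symbols are dropped, and
    simple substitutions are reversed, so 'Elephant1!' becomes 'elephant'.
    """
    core = password.lower().strip(_DECORATION)
    return core.translate(SUBSTITUTIONS)


def is_predictable_variant(password, personal_words=()):
    """True if the password is a known base (or the user's own name) in disguise."""
    known = BREACHED_BASES | {w.lower() for w in personal_words}
    return base_word(password) in known


def is_rotation(old_password, new_password):
    """True if a 'new' password only changes case, suffix or substitutions."""
    old_base = base_word(old_password)
    return bool(old_base) and old_base == base_word(new_password)


if __name__ == "__main__":
    # Constructed candidates taken from the slide examples.
    for candidate in ["elephant1!", "Elephant1!", "elephant4$",
                      "Correct-Horse-Battery-Staple!47", "7xK#mP9$vL2@qR5!"]:
        verdict = "reject" if is_predictable_variant(candidate) else "accept"
        print(f"{verdict:6}  {candidate}")
```

A check like this belongs at password-change time, where the old password is briefly available in memory for comparison; it is not a substitute for generating random passwords with a manager.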
Visit haveibeenpwned.com — Currently checks many websites. 2.6 billion compromised accounts tracked. Treat it like a credit-check. Check your exposure regularly.
What to Check
What to Do If Pwned
Public WiFi is not secure. Anyone on the same network can intercept your data.
Verify network names. "Poppin Pizza Parlor" vs "poppin pizzaa free wifi"
Disable auto-connect to unknown networks on all your devices.
Always use password-protected networks. WPA2 or WPA3 for home.
HTTPS Protocol
Protocol for secure communication over computer network, widely used on internet. Notated by green lock in address bar.
Verify Before You Buy
DO's
DON'Ts
Read the scenarios provided and choose the most appropriate course of action.
You receive an unverified email that looks like it was sent by the company's IT team. It reads: "We detected unusual activity. Click here to reset your password."
Report the email to your IT department
Open the link provided
Ignore the email
You need to convert a document into a different format. What should you do?
Ask the IT team to install company-approved software
Download a free file converter online
Ask a friend outside the company to convert the document
You need to create a new password for a company account. What should you do?
Create a lengthy password that's unique
Create a password that's easy to remember
Reuse an old password
Think before you click and share your info, pictures, and videos.
Cyberspace is real, and threats are evolving.
Always report suspicious activity and use antivirus.
Implement an organization-wide remote work security plan.
Never install unauthorized programs.
Use WPA2 or WPA3 security for your home Wi-Fi.
Ensure each password is unique. Use a password manager.
Enforce MFA everywhere possible.
Keep software and devices up to date.
When in doubt, ask an expert.
Prevention is easier than recovery.
MUHAMMAD AHMAD AMIN, Ph.D.
muhammad8@mail.sysu.edu.cn
Room 808, Engineering Building No.2, Shenzhen Campus of Sun Yat-sen University, No.66 Gongchang Road, Guangming District, Shenzhen, 518107, P. R. China
KEY TOPICS
The five domains of cyberspace (Physical, Software, Network, Cognitive, Information) and the CIA Triad as foundational security principles. Understanding why cybersecurity matters for individuals and organizations.
Phishing (90% of breaches), malware families, deepfake technology with 3,000% fraud increase, botnets, and ransomware. Global statistics: attacks every 39 seconds, $4.45M average breach cost, 95% human error factor.
Active vs passive digital footprints. Minimization strategies: limit personal info, clear cookies, use VPN, manage search presence. Social media protection: private profiles, disable location tagging, verify accounts, avoid oversharing.
Password management with 12+ character rules and managers like LastPass/1Password. MFA implementation. WiFi security with WPA2/WPA3. Software updates and patching. Building the human firewall through training and simulated testing.
Think before clicking. Report suspicious activity. Use antivirus. Enforce MFA. Keep software updated. Prevention is easier than recovery. Curated resources: NCSC, Stay Safe Online, EFF, Have I Been Pwned, CISA, FBI IC3, NIST.
MORE TALKS
Planned workshop on multimedia forensics tools for investigators.
UPCOMING · TBD: Academic seminar on fair and robust biometric systems.
UPCOMING · TBD: Cross-disciplinary talk on federated learning and medical data privacy.