In the spring of 2012, the Electronic Frontier Foundation started receiving reports from inside Syria of attacks on Facebook, YouTube and other social media outlets used by Syrian dissidents. When users clicked on links posted on the comment sections of opposition sites, they were taken to fake websites that encouraged them to download special software, which was then used to acquire their credentials and sometimes to take over their computers. The EFF also discovered an instance of a malicious software program hidden in images circulated among Syrians in the diaspora.
Although EFF could not confirm the identity of the perpetrators, they suspected that the Syrian telecommunications ministry was behind the attacks. Meanwhile, reports of authorities using force against activists and dissident Facebook users, and demanding their login information, surfaced. In one case, a user was beaten by Syrian police, who then informed him that they had been reading his “bad comments” on Facebook. After providing his password to authorities, he was imprisoned for two weeks. Upon his release, he found that somebody had logged into his Facebook account and posted pro-regime comments in his name.