“It won’t be a fake email from your bank,” Charlie Bell, Microsoft’s new EVP of security, compliance, identity and management writes in a blog post.
Marketing in the metaverse? Real estate in the metaverse? The word is popping up so often that, to many, it can seem like the next iteration of the internet has already arrived.
In truth, we are still in the very early days of what is essentially a combination of virtual reality, augmented reality and video through which users move with avatars.
It is still far too early to tell whether the concept will fizzle out like Google Glass or reflects the same lack of understanding around the internet in the 1990s (before it got to be, well, what it is today).
Safety in The Metaverse is Actually a Huge Issue
As companies as diverse as Meta (MVRS) – Get Meta Report, Adidas (ADDDF) and Chipotle (CMG) – Get Chipotle Mexican Grill, Inc. Report all try to cement their space in the metaverse, it’s worth considering what role online safety and security will play.
A lack of understanding around a new technology opens up the floor for potential scammers or bad actors. Research conducted by the Center for Countering Digital Hate nonprofit found an average of one instance of sexual content, racism, abuse, hate, homophobia or misogyny in Meta’s Oculus headset world VRChat every seven minutes.
Other concerns currently flowing around involve identity fraud and scam potential that arises when many do not fully understand a new technology. Just last week, the Southern District of New York charged two men in connection to a “rug and pull scheme” that defrauded NFT owners of just over $1.1 million.
“We have one chance at the start of this era to establish specific, core security principles that foster trust and peace of mind for metaverse experiences,” Charlie Bell, Microsoft (MSFT) – Get Microsoft Corporation Report‘s new executive vice president of security, compliance, identity and management, wrote in a blog post about the tech giant’s approach to the metaverse.
“[…] The security community must work together to build a foundation to safely work, shop and play.”
What Does Microsoft Have to Say About It?
Hopping over to Microsoft from Amazon (AMZN) – Get Amazon.com, Inc. Report last fall, Bell is now in charge of cybersecurity at the tech giant that led the internet revolution 30 years ago.
In the March 28 blog post, Bell stressed the need to combat phishing and ensure authentication to prevent bad actors from seizing upon the avatars in the metaverse for bad purposes.
“Play this forward, and picture what phishing could look like in the metaverse,” he wrote. “It won’t be a fake email from your bank. It could be an avatar of a teller in a virtual bank lobby asking for your information. It could be an impersonation of your CEO inviting you to a meeting in a malicious virtual conference room.”
Of course, bold promises about “coming together” to ensure safety in the metaverse can sound trite — we can barely combat scams and abuse on social media today. But according to Bell, it is far from too early to get an early start as the metaverse could become reality faster than we think.
“The problems of yesterday’s and today’s Internet — impersonation, attempts to steal credentials, social engineering, nation state espionage, inevitable vulnerabilities — will be with us in the metaverse,” Bell said. “And it will take the same security community of good faith, norms and teamwork to anticipate and respond to them.”