Fake Profiles Used for Spying, Cyberstalking, Crowdturfing, Site-fluffing
by Sue Basko
Fake profiles have long been used for things such as spying on ex-friends and voting for a favorite band. Now fake profiles have stepped up to doing real work for real pay for the masters who control them. I was recently cyberstalked by a person/entity using a mob of fake profiles, so I can give some insight into what they do.
A recent paper by researchers out of University of California Santa Barbara describes astroturfing as such: “Astroturfing refers to information dissemination campaigns that are sponsored by an organization, but are obfuscated so as to appear like spontaneous, decentralized “grassroots” movements. Astroturfing campaigns often involve spreading legally grey, or even illegal, content, such as defamatory rumors, false advertising, or suspect political messages. Although astroturfing predates the Internet, the ability to quickly mobilize large groups via crowd-sourcing systems has drastically increased the power of astroturfing.” The UCSB group coined the word crowdturfing for when a crowd of fake profiles is used to start rumors, give positive or negative reviews or comments, or to gather real people as followers for a point of view.
The HBGary Federal group was reportedly using fake profiles to discredit people who opposed a Republican business organization. In turn, Anonymous hacktivists cracked open the list of subscribers to HBGary publications.
Fake profiles have been rampant online with the Occupy movement, where so much organizing has taken place on facebook. There were many fake profiles that were obvious, at least obvious to me, as agents provocateurs, probably government agents exhorting violence, to see if they could catch any in agreement. Generally, people just ignored these, because Occupy was and is about nonviolent protest.
It became confusing to sort out who was who because there were also the usual armchair anarchist trolls, some who come complete with their own small army of fake profile friends who agree with every word they say. A lot of this was obvious, because the friends would only appear at the same time and place as the main troll. Since I am a lawyer and was providing legal information to many Occupy groups on how to conduct peaceful, legal protest, I found myself being harassed quite a few times by the pseudo-anarchist trolls and their fake best friends. They would agitate for violence, but for the most part, no one was interested.
The profiles that were obviously law enforcement agents provocateurs never bothered me, because they were / are there for the basically legitimate purpose of seeing if any mass destruction was/is planned.
The law enforcement agents post the same types of hooks over and over. They post that there are no limits to the First Amendment and no permits needed. They outright propose specific violent actions. Most people have learned to ignore them and not even reply. The law enforcement agents simply move on to other pages trying to locate sympathizers there.
Then there are the fake profiles that put in friend requests on facebook. The fake profile friends come to spy on your facebook page. According to reports, Aaron Barr at HBGary was busy making pretty girl fake profiles. At one point during the height of the Occupy camps, a bunch of pretty girl profiles invaded. One activist man shouted on his facebook in all caps: ALL THE PRETTY GIRLS ARE FAKE PROFILES! It was true. Men were readily confirming them as friends. Others were accepting the pretty girls because they were already “friends” with people they knew. I got a few of these requests, but rejected them. I think the male equivalent is the profile that is some version of the Anonymous mask. Of course, a lot of these are real people, but it is also a convenient fake profile.
Site-Fluffing is yet another use of fake profiles. That’s when a new site creates fake profiles to make it look as though the site is popular. I wrote a review of a site that looks good, but is very bad news. I was contacted by a person who credibly claims to have made up to 500 fake profiles per day for the site. That’s fraud on any would-be investors or purchasers. It’s also fraud on would-be users or users of the site. A lot of those profiles were obvious fakes.
The U.S. government is obviously using fake profiles. A man named Sean Kerrigan has posted a 2010 listing off FedBizOpps.gov that you have to read to believe. The government has procured software that creates and manages realistic fake personas, “replete with background, history, supporting details, and cyber presences that are technically, culturally and geographically consistent.”:
0001- Online Persona Management Service. 50 User Licenses, 10 Personas per
Software will allow 10 personas per user, replete with background , history,
supporting details, and cyber presences that are technically, culturally and
geographically consistent. Individual applications will enable an operator to
exercise a number of different online persons from the same workstation and
without fear of being discovered by sophisticated adversaries. Personas must be
able to appear to originate in nearly any part of the world and can interact through
conventional online services and social media platforms. The service includes a
user friendly application environment to maximize the user's situational
awareness by displaying real-time local information.
Then to make those personas seem real, they need an IP address for each persona. “Individuals can perform static impersonations, which allow them to look like the same person over time. Also allows organizations that frequent same site/service often to easily switch IP addresses to look like ordinary users..”:
0003- Static IP Address Management. 50 each
License protects the identity of government agencies and enterprise
organizations. Enables organizations to manage their persistent online personas
by assigning static IP addresses to each persona. Individuals can perform
static impersonations, which allow them to look like the same person over time.
Also allows organizations that frequent same site/service often to easily switch IP
addresses to look like ordinary users as opposed to one organization.
Economizer IP Mapped License or equal
0002- Secure Virtual Private Network (VPN). 1 each
VPN provides the ability for users to daily and automatically obtain randomly
IP addresses through which they can access the internet. The daily rotation of
the user s IP address prevents compromise during observation of likely or
targeted web sites or services, while hiding the existence of the operation. In
addition, may provide traffic mixing, blending the user s traffic with traffic from
multitudes of users from outside the organization. This traffic blending provides
excellent cover and powerful deniability. Economizer Enterprise Chameleon or
Now – to the story of how I got cybermobbed by a professional, or at least serial cyberstalker, and a mob of fake profiles, and possibly a few real profiles. I admit I am a target – I have openly provided information to help Occupy protesters know their rights under the law. I also started and help run a blog written by a man in prison who has autism. I am a target – and I want to state that I do not think the Cyberstalker gang that went after me is government-related. I think they are some kind of right-wing nut jobs, as we on the liberal side like to say. The government has no reason to stalk me, since I provide a valuable service to all sides, explaining the law so protesters can follow it. And the mob of fake profiles that stalked me was obviously fake. The profiles’ posts were obviously being written by one person, they all showed up together at the same times and places. There were other telltale signs I won’t share.
First, I noticed that someone had likely hacked into my Facebook profile, because security settings started to change. I wasn’t sure, because Facebook sometimes does change settings on its own. Then, I got a ludicrous private message on Facebook, sent by an obviously fake profile. I posted making fun of the ludicrous message and the ridiculously fake profile that sent it. All of a sudden, a different profile pops up on my page, posting inane, nasty messages saying that I did not respond correctly to the private message. How did “she” even know what the message said or my response to it, if it was not one of her fake profiles? So I deleted these things and blocked both profiles. And --- that began the circus. The whole circus was obviously orchestrated by one person who controls a group of fake facebook profiles with twitter accounts and several blogs.
The main leader of the rampage may or may not be a fake persona. I came across a real man who says he was stalked by the same person for 6 years –and he wrote about this a year before I was also stalked. I remember how he was stalked, because, about 6 years ago, I received some nasty chain emails defaming him. He is convinced the main Cyberstalker persona that attacked us both is a real person. I am not convinced, because it would be hard to find a real person who is so totally insane and yet has such good computer skills. But the ranting insanity seems to be part of the persona that catches people off guard. The persona used a photo of an older woman who looks like Porky Pig wearing a Dutch Boy haircut and some sort of sailor hat. When this thing popped up on my facebook page writing nasty posts, I had to laugh first. (Please tell me that is a fake photo!)
Then it got nastier. This person, who had already hacked my facebook, stole my photos, copied conversations, and began posting things on her own blogs that are run under her own name as well as a few other names. Then there were twitter attacks. She was attaching my name to her words and linking it up to her blog. And she had her fake army of fake profile personas also attacking. By that time, she had a few real people in on it – though it was hard to tell which ones were real or fake, since it is hard to believe any real people would actually engage in such actions.
I did what I was told to do by law enforcement officials – delete and block, delete and block. Her fake profiles were swarming all over my accounts online, all sounding suspiciously alike. There were a few that seemed like real profiles. As I stated that I had a complaint in to the authorities, the main stalker began to delete some posts. It is hard to tell which elements of the attack will be retrievable – or how hard the authorities will go to uncover the elements that have been deleted. If it could all be laid out and seen, it would show a massive online attack obviously controlled and created by one central source.
The methods of the cyberstalker are to invade, intrude, create, spread rumor. For the most part, only the most gullible, unthinking people would fall for this sort of thing, and only the nastiest have a will to participate in it. The idea is to create a mob of only the most vicious, gullible people who do not check their sources and do not think on their own. It works! And with such people involved, lives and safety truly are endangered. The idea is to rile up the crazies – and lead them in an online lynch mob. This is the agent provocateur online – and it works.
What You Can Do: To understand more about Crowdturfing, read the UCSB Study. If you see things like this online, avoid participating. Think about things. During the Cyberstalk attack against me, one of the fake profiles announced on Twitter that I was a lawyer in control of SOPA, the proposed upcoming internet legislation. Of course, I have nothing to do with SOPA and have not even gotten around to reading the draft of the law. But that does not keep a fake profile from tweeting my name and announcing such nonsense. Any thinking person would realize this, but Cyberstalkers, like the one that attacked me, are interested in getting the least thinking people on their side. That’s how it works. The whole point is to gather an irrational mob. Thinking people don’t participate.