I have written before about the art of spotting fake online accounts. Many of the tactics the tricksters use remain the same, but get a fresh coat of paint to maintain the illusion of appearances. For the most part, you really don’t even have to know what the intent of the faux-human might be. Just know that you don’t want any part of them.
Your Instant Twin
One of the rampant operations now is impersonating a user. Find an account:
- that doesn’t post very often
- that has a few pictures you can scrape
- that has a public friends list
From that, you create the Doppelgänger page, and start sending Friend requests to those the real individual is connected with. Most of those people will assume that you are starting a new profile, or may have even forgotten that you were already Friends.
This isn’t a “hack” per se, and does not require a complete change-every-password meltdown. This is the equivalent of someone sending letters with your return address on the envelope. You can’t stop them, but they don’t have access to your bank records.
Sometimes, however, the appearance of human-ish behavior may get us to lower our guard just long enough for a malware link to slip through.
Dumping on Groups
There is a wave of this on Facebook right now, and those behind the scheme are using a nice bit of human psychology and engineering: when you click on the link, it propagates itself by “spamming” the message in a Group you are a member of — not directly on your timeline.
Most groups tend to have fewer members, which means you probably won’t have someone immediately bringing it to your attention, letting the malware message sit and marinate. Also, since many groups are closed and even secret, there is a more intimate feel of trust. So curiosity temporarily wins and we click…
There is something more reassuring about not being a lone voice, and specific cues that would ordinarily let us sort the real people from the virtual ones. And that’s where the scammers are getting a little more crafty…
Hunting in Packs
Okay, they aren’t really hunting, per se. But they are emulating the actual Social aspects of social media behavior.
Look at this Twitter reply I got the other day:
— Diane Hart (@DianeAmyHart) March 11, 2016
(I will provide a screenshot as well, in preparation for the eventual deletion of the not-very-real Diane Hart.)
Looking at that embed, even, you can see that someone apparently liked that tweet enough to re-tweet it. There were two of them.
However, looking at those accounts, we can see the chinks in the armor. Neither account has a profile picture. Hovering over them gives you some promising stats…
Plenty of tweets and follower numbers, right?
Well, not exactly. Nearly every one of those tweets for Louis and Edmund is a retweet, which is done by automated script. No telling how many “Diane Hart”-like accounts they are propping up.
The Danger in the Link
I can’t tell you where that link goes. I don’t want to click it. But I can tell you where my informed opinion is derived.
The link “she” shares is a custom Bitly link. If you type that directly into your browser, then add a + to the end before you press Enter, it will take you to an in-between information page, where you can see the eventual destination. In this instance, we can even get some information about the marketer involved!
So, now we can derive a little more info. The URL is simply the mobile landing page for this promotion. Everything after the question mark is Google Analytics tracking code – and the strange piece up front is just the acronym for The Home Depot Retool Your School.
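The same preview can be done from a script, shown here as an added example that is not from the original post: `peek_redirect` asks the shortener for its redirect target without loading the destination, and `describe_destination` separates the host and path from the `utm_` tracking parameters. The function names and the sample URL are constructed for illustration.

```python
import http.client
from urllib.parse import urlsplit, parse_qsl


def peek_redirect(short_url, timeout=5):
    """Return where a short link points without fetching the destination.

    Sends a single HEAD request. http.client never follows redirects,
    so only the shortener itself is contacted.
    """
    parts = urlsplit(short_url)
    if parts.scheme == "https":
        conn = http.client.HTTPSConnection(parts.netloc, timeout=timeout)
    else:
        conn = http.client.HTTPConnection(parts.netloc, timeout=timeout)
    try:
        conn.request("HEAD", parts.path or "/")
        resp = conn.getresponse()
        # Only a 3xx answer carries a redirect target.
        return resp.getheader("Location") if 300 <= resp.status < 400 else None
    finally:
        conn.close()


def describe_destination(url):
    """Split a destination URL into the parts worth reading before clicking."""
    parts = urlsplit(url)
    params = parse_qsl(parts.query, keep_blank_values=True)
    return {
        "scheme": parts.scheme,
        "host": (parts.hostname or "").lower(),
        "path": parts.path,
        # utm_* keys are Google Analytics campaign tags, not page content.
        "tracking": {k: v for k, v in params if k.lower().startswith("utm_")},
        "other_params": {k: v for k, v in params
                         if not k.lower().startswith("utm_")},
    }


# Constructed sample destination (not the link from the post).
SAMPLE = ("https://m.example.com/promo/landing"
          "?utm_source=twitter&utm_medium=social&utm_campaign=spring_promo&ref=abc")

if __name__ == "__main__":
    info = describe_destination(SAMPLE)
    print(info["host"], info["path"])
    for key, value in info["tracking"].items():
        print("  tracking:", key, "=", value)
    print("  other:", info["other_params"])
```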
Is this malware? No, it isn’t. But I am still not going to click it!
And this “Eric Yee,” is that even a real person with a real name? No idea. The Bitly account was created just last November.
Am I to be angry at Home Depot for sleazy marketing? I can’t even be mad at them, because marketing firms are capable of some real shady things to juice the engagement numbers that a client pays for.
Shady? Yes, I stand by “Shady.”
- Fake account
- Spams the same message to a big list of Twitter users
- Uses other fake accounts for social proof
Oh, and “Diane?” Where to start with you, Diane?
What a lovely profile picture. You look great for an Idaho resident who is now 130 years old.
The profile itself has existed solely to promote this specific campaign, now in its second year. (Makes you wonder how many of Twitter’s hundreds of millions of profiles come out of hibernation from a marketer’s toolbox once a year.)
Apparently, she used to have a successful modeling career. Thanks to Tineye, we can see that she was once featured in the collections of both Shutterstock and BigStockPhoto:
If you go back to her humble beginnings, you can find this tweet:
— Diane Hart (@DianeAmyHart) April 4, 2013
But after that one message in April of 2013, the next did not arrive until February 2015. I am so glad she found her voice…