Twitter impostors stop at NOTHING to drag athletes through mud

@UsainBoltt: fanks 4 teh pr0n link lmao!!1

Choosing a cloud hosting partner with confidence

Analysis Malware-slingers and mischief-makers are ramping up the creation of fake celebrity profiles on social networks in time for the start of the Olympics on Friday. El Reg spoke to "reputation managers" of the stars about the problem.

Some of the fake profiles are harmless while others link to pictures of strippers and escorts and some punt straight-out scams – including links to scareware, inappropriate content (gambling sites, porn etc) – or attempt to solicit donations to fake charities, according to reputation management firm Social Impostor. In the worst cases, fake profiles might be used to induce users into sending inappropriate content, including but not limited to compromising pictures.

Social Impostor provides "reputation management" for high-profile punters' social network profiles. The company says it uses "proprietary technology" to find, report and remove fake social network profiles on behalf of actors, athletes, musicians, politicians, business people and their management teams. The company, which operates largely by word of mouth, has succeeded in taking down more than 8,000 fake profiles.

The firm searches for impostors on Facebook, MySpace, Twitter, Google+, YouTube, Formspring & LinkedIn. The details of identified impostors are submitted for removal via the protocols established by each network. Almost all the networks permit parody or satirical profiles, to a lesser or greater extent. Social Impostor targets fake profiles, leaving satirical social networker alone. Its automated system searches for variations in the spelling of the names of celebrities.

What's a malware slinger? And why are folks saying that about me?

A significant part of any celebrity brand is their reputation. Having a "verified" or "official" tag on a social network account doesn't eliminate impostors or the problems they create. Celebrity names and photos are used to create fake profiles and make posts on social network sites, sometimes resulting in negative media attention and confused fans.

Kevin Long, chief exec of Social Impostor, told El Reg that while it's surprising that people fall for it, there are thousands of fake celebrity profiles in circulation.

"We search various combinations of the celebrities' names (Mike instead of Michael) because, oftentimes, in order to try to get it up there without being noticed, the impostors will intentionally misspell the name, use numbers instead of letters (like a 1 instead of an l) or use the name in reverse order," Long explained. "We pick all of those up."

Social Impostor is tracking the number of fake accounts for designated Olympic athletes with an Olympic Impostor Index, based on the Celebrity Impostor Index it publishes on its website, for the duration of the Games.

These fake profiles can create a real problem for the athletes. The number of impostors is likely the increase as the athletes gain notoriety during the Games.

Who's winning the most-impersonated race?

For example US swimmer Michael Phelps has 229 impostors (compared to a 204 three weeks ago) and David Beckham has 937 (881 on 3 July). US basketball players Kobe Bryant (667) and LeBron James (638) are also frequently impersonated. Sprinter Usain Bolt has 152 social networking dopplegangers while Tour De France winner Bradley Wiggins only has three. Social Impostor is not working with any of these athletes.

While for some of the most famous athletes, social network impostors pose a problem all year round, for some emerging stars they are a new problem, and something that was far less of an issue in previous Olympic Games – when the use of Facebook and Twitter was less widespread. "The likes of Michael Phelps have problem even without the Olympics," Long noted. "It's part of the joys and pain of being popular."

The volume of impostor profiles in the case of actors, for example, peaks in the run-up to the release of a movie they are staring in or during awards season. "When their movie is in the news, impostors pop up," Long commented. Much the same happens for basketball stars during NBA playoffs, for example. It may be that gangs are involved in the creation of fake profiles on social networks but this remains unclear.

Twitter and Facebook are the primary venue for fake athlete profiles with Google+ coming in third. Formspring is "up there" for younger fake celebs accounts impersonating the likes of Justin Bieber and some of the teen bands (One Direction etc), but rarely get any results on there from any adults.

MySpace is "essentially dead", according to Long. "Few use it anymore for social network purposes (so the impostor results we find there are generally really old accounts that have never been taken down and haven't been used in a long time)," he said.

Fake athlete accounts on Twitter are often "people who are apparently strippers and/or prostitutes who are clearly using the popularity of people searching these names in order to get people to respond".  For example, there will be a scantily clad woman or even naked man/woman in the picture who would be listed under a popular celebrity name. "There are dozens of these if you search most high-profile celebrities' names," Long reports.

Going for gold

Faking profiles using the names of athletes is just one of many scams that have popped up in time for the Olympics. On Thursday, it emerged that 12 websites are being blocked by British authorities for the allegedly unauthorised sale of tens of thousands of tickets to the Olympics. Punters who bought tickets from the sites risk been refused entry to events.

As well as finding a bogus London Olympics 2012 Ticket site that was actually a phishing page, Trend Micro warns that other scams, including fake online contests for tickets, are likely to follow.

Jovi Umawing of GFI Software has done a good job of putting together a more comprehensive list of potential scams from from classic lottery scam mails, to fake tickets and phishing scams, to purported promos and malware-laden spam. One survey scam doing the rounds falsely offers the opportunity to win two free airline tickets to London to see the Olympic Games, for example.

In addition, GFI has spotted a scam punting mobile games circulating in Russia that falsely claim to be "official London 2012 games". In reality the fakes punt malicious Android Trojans.

General advice on staying safe online during the Olympics can be found on the official London Olympics’ Stay Safe Online page here. ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
Hikvision devices wide open to hacking, claim securobods
prev story


Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
10 ways wire data helps conquer IT complexity
IT teams can automatically detect problems across the IT environment, spot data theft, select unique pieces of transaction payloads to send to a data source, and more.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?