Feeds

Twitter impostors stop at NOTHING to drag athletes through mud

@UsainBoltt: fanks 4 teh pr0n link lmao!!1

Secure remote control for conventional and virtual desktops

Analysis Malware-slingers and mischief-makers are ramping up the creation of fake celebrity profiles on social networks in time for the start of the Olympics on Friday. El Reg spoke to "reputation managers" of the stars about the problem.

Some of the fake profiles are harmless while others link to pictures of strippers and escorts and some punt straight-out scams – including links to scareware, inappropriate content (gambling sites, porn etc) – or attempt to solicit donations to fake charities, according to reputation management firm Social Impostor. In the worst cases, fake profiles might be used to induce users into sending inappropriate content, including but not limited to compromising pictures.

Social Impostor provides "reputation management" for high-profile punters' social network profiles. The company says it uses "proprietary technology" to find, report and remove fake social network profiles on behalf of actors, athletes, musicians, politicians, business people and their management teams. The company, which operates largely by word of mouth, has succeeded in taking down more than 8,000 fake profiles.

The firm searches for impostors on Facebook, MySpace, Twitter, Google+, YouTube, Formspring & LinkedIn. The details of identified impostors are submitted for removal via the protocols established by each network. Almost all the networks permit parody or satirical profiles, to a lesser or greater extent. Social Impostor targets fake profiles, leaving satirical social networker alone. Its automated system searches for variations in the spelling of the names of celebrities.

What's a malware slinger? And why are folks saying that about me?

A significant part of any celebrity brand is their reputation. Having a "verified" or "official" tag on a social network account doesn't eliminate impostors or the problems they create. Celebrity names and photos are used to create fake profiles and make posts on social network sites, sometimes resulting in negative media attention and confused fans.

Kevin Long, chief exec of Social Impostor, told El Reg that while it's surprising that people fall for it, there are thousands of fake celebrity profiles in circulation.

"We search various combinations of the celebrities' names (Mike instead of Michael) because, oftentimes, in order to try to get it up there without being noticed, the impostors will intentionally misspell the name, use numbers instead of letters (like a 1 instead of an l) or use the name in reverse order," Long explained. "We pick all of those up."

Social Impostor is tracking the number of fake accounts for designated Olympic athletes with an Olympic Impostor Index, based on the Celebrity Impostor Index it publishes on its website, for the duration of the Games.

These fake profiles can create a real problem for the athletes. The number of impostors is likely the increase as the athletes gain notoriety during the Games.

Who's winning the most-impersonated race?

For example US swimmer Michael Phelps has 229 impostors (compared to a 204 three weeks ago) and David Beckham has 937 (881 on 3 July). US basketball players Kobe Bryant (667) and LeBron James (638) are also frequently impersonated. Sprinter Usain Bolt has 152 social networking dopplegangers while Tour De France winner Bradley Wiggins only has three. Social Impostor is not working with any of these athletes.

While for some of the most famous athletes, social network impostors pose a problem all year round, for some emerging stars they are a new problem, and something that was far less of an issue in previous Olympic Games – when the use of Facebook and Twitter was less widespread. "The likes of Michael Phelps have problem even without the Olympics," Long noted. "It's part of the joys and pain of being popular."

The volume of impostor profiles in the case of actors, for example, peaks in the run-up to the release of a movie they are staring in or during awards season. "When their movie is in the news, impostors pop up," Long commented. Much the same happens for basketball stars during NBA playoffs, for example. It may be that gangs are involved in the creation of fake profiles on social networks but this remains unclear.

Twitter and Facebook are the primary venue for fake athlete profiles with Google+ coming in third. Formspring is "up there" for younger fake celebs accounts impersonating the likes of Justin Bieber and some of the teen bands (One Direction etc), but rarely get any results on there from any adults.

MySpace is "essentially dead", according to Long. "Few use it anymore for social network purposes (so the impostor results we find there are generally really old accounts that have never been taken down and haven't been used in a long time)," he said.

Fake athlete accounts on Twitter are often "people who are apparently strippers and/or prostitutes who are clearly using the popularity of people searching these names in order to get people to respond".  For example, there will be a scantily clad woman or even naked man/woman in the picture who would be listed under a popular celebrity name. "There are dozens of these if you search most high-profile celebrities' names," Long reports.

Going for gold

Faking profiles using the names of athletes is just one of many scams that have popped up in time for the Olympics. On Thursday, it emerged that 12 websites are being blocked by British authorities for the allegedly unauthorised sale of tens of thousands of tickets to the Olympics. Punters who bought tickets from the sites risk been refused entry to events.

As well as finding a bogus London Olympics 2012 Ticket site that was actually a phishing page, Trend Micro warns that other scams, including fake online contests for tickets, are likely to follow.

Jovi Umawing of GFI Software has done a good job of putting together a more comprehensive list of potential scams from from classic lottery scam mails, to fake tickets and phishing scams, to purported promos and malware-laden spam. One survey scam doing the rounds falsely offers the opportunity to win two free airline tickets to London to see the Olympic Games, for example.

In addition, GFI has spotted a scam punting mobile games circulating in Russia that falsely claim to be "official London 2012 games". In reality the fakes punt malicious Android Trojans.

General advice on staying safe online during the Olympics can be found on the official London Olympics’ Stay Safe Online page here. ®

New hybrid storage solutions

More from The Register

next story
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
TorrentLocker unpicked: Crypto coding shocker defeats extortionists
Lousy XOR opens door into which victims can shove a foot
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.