This morning, it’s Safer Internet Day (see #SID2015), and I arranged to chat to BBC Radio Newcastle about a story they are featuring, involving a Newcastle woman whose Instagram account was cloned by a 15-year-old girl from down south, and then used to build fake accounts, including Facebook, Twitter and a dating profile. The 15-year-old seemed to be enjoying the attention she was gaining as an attractive older woman, whilst the woman herself was concerned at how young her impersonator was, and discovered who it was via the girl’s school.
[Audio to add here when available]
What behaviour is typical at what age?
Here’s a brief extract from Raising Children in a Digital Age (2014), summarising information from Professor Tanya Byron’s government report as to what to expect at different ages:
Eleven to fourteen years: This is typically an era characterized by hormones as puberty strikes, and the emphasis for children moves largely from home and the family towards the external world, their peers, and “idols” in the quest to become “independent”. This means a shift from parental identification to peer identification, requiring a degree of experimentation that may involve taking risks. Brain changes cause an inherent drive to seek out social experiences: “these are more likely to be sought in the digital world as we restrict children’s and young people’s access to outdoor, offline socialisation.” Children and young people may start to actively seek out age-restricted material and games that are designed for adults, so keep the communication channels open for discussions of risk and challenging content.
Fifteen to eighteen years: In Western culture this is officially the last stage of “childhood”, when young people are still the responsibility of their parents but take increasing responsibility for their own decisions and identities. Abstract thinking is likely to be well developed, and evaluation of information and making judgments is becoming more balanced as young people develop their own set of values and beliefs (which may be different from their parents’), for which space should be allowed. This is a good opportunity for young people to experiment with different roles and identities, and make decisions for themselves, while still within the safety of family support.
Questions we were seeking to consider in the radio interview include how easy is it to clone someone else’s account, how common is it, and what might one do to protect oneself? Also, what does it say about the cloner?
For me, this raises bigger questions about our online presence – what ‘reality’ do we project online, so if there’s a new account, will people recognise that it’s not you? Have you developed a clear ‘tone of voice’, so that, like plagiarism, there’s an “off-tone” that warns others that it’s not you. Question what you want to achieve through participation online – how do you share holistically without oversharing – and have you made good use of privacy settings supplied by each of the social networks? Social media accounts can make it much easier for people to undertake identity fraud, so we need to be aware of what is going on, educate ourselves, and ensure that we don’t become digitally agoraphobic!
How big an issue is digital cloning?
In January this year, the Guardian published a video, featuring Aleks Krotoski, looking at ‘The Power of Privacy’ – definitely an area of growing concern – and a sophisticated internet user can also fall for it:
In trying to establish the commonality of this, it seems difficult to track down numbers – this report indicates that in 2013, 6.19 million Facebook profiles were cloned in South Africa, in 2014 LinkedIn was closing down thousands of cloned accounts, and in 2009 Twitter was having to close down a huge number of fake accounts – each of which was opening up security flaws. These examples and this paper on ‘Detecting Social Network Profile Cloning‘, published in 2010, indicate that it’s certainly not a new problem – but the number of users, and the complex number of social media accounts that we sign up to – certainly mean that it has become a more common problem.
I’ve been recommended to watch Catfish, a film described by an Amazon reviewer as:
…a wake up call to the millions of social media addicts who tend to forget that appearances in the virtual world, that is the web, can be so much more deceptive than those in real life. People lie and can be devious in the real world, but once behind a computer screen, almost everyone feels safe enough to appear as ‘awesome’ as possible, sometimes creating a persona that is an altar ego of a naturally flawed personality. Such deceptions can be just innocent in most cases, but they can lead to abuse and violence in extreme instances.
What motivates scammers, hackers and cloners?
As the number of startups continues, privacy policies are often an afterthought, rather than integral to the site build. Most scammers, hackers and cloners and looking to expose human vulnerabilities – the need for human connection, sharing, building relationships, and to take advantages of the opportunities online. Typically, people will clone another user for one of three reasons:
- For profit (to extract favours and money from friends, or hack into organisational systems)
- For revenge (sharing compromising or confidential information to cause harm)
- For fun (trolling as a sport).
If you’re susceptible to hacking ‘for profit’, check out this article as to potential motivations.
- On Facebook and LinkedIn, don’t accept people you don’t know as friends or connections (or at least undertake conversations, or establish ‘true’ relationships in common) – this isn’t true for public sites such as Twitter.
- Divide your Facebook friends into interest groups (family, close friends, colleagues, schoolmates, parenting groups, acquaintances, etc.) and post information only to the relevant groups
- Limit access to your Facebook data only to your friends – take care when choosing what to publish publicly. Understand Facebook privacy basic settings.
- Think about what you are sharing online – care with oversharing information about where you live, your children, and when you’re on holiday except with close friends.
- Help your friends by letting them know if you receive an invitation from a cloned account.
- If your friends spot an invitation to a new account, when they know you already have one, ask them to get in contact with you.
- Report cloned accounts as soon as possible: Facebook; Instagram; Twitter – those of us who are more tech savvy need to be particularly vigilant in helping friends who are unaware of the potential. Organisations also need to be aware of this.
- Consider utilising the two-step verification processes when offered
- Use a variety of passwords across different sites, so that the problem is less likely to spread outside the initial network.
- Ensure you have good anti-virus software installed and updated, so that data on your computer itself is not at risk.
- Social media sites themselves will identify unusual behaviour – such as a Facebook account that normally logs in in the UK, logging in in France – and will ask for re-verification.
Note that it’s not always famous people who are cloned, or even those with the largest follower/friend connections. Hackers are looking for vulnerabilities, and personal, social and corporate responsibility all come into play here. One thing to remember is that as the digital throws up ‘new’ problems, it also offers new solutions – the report mentioned earlier highlights steps that are being taken to use the power of digital (it’s pattern recognition and algorithms, along with its connectivity) to identify potential clone accounts before human beings notice them.
I’m often heard saying, we are not interacting with computers, nor have we become computers – we need to remember that behind each computer, there is a human being with feelings, vulnerabilities, etc. and we need to think about what our interactions online look like:
Thanks to my Facebook friends for providing so many suggestions to think about!