Category Archives: identity

Are you being catfished?

This post was written jointly with Katia Hildebrandt and also appears on her blog.

Catfishing schemes, or romance scams, continue to plague social networking services. In fact, the issue has become so common that there’s a good chance that one of your recent “friend” requests actually came from a scammer versus someone who is actually interesting in pursuing a genuine friendship. Unfortunately, social networks on the whole seem content to turn a blind eye on the problem, despite the fact that people lose thousands of dollars to these types of scams every day. So, due to this alarming issue and utter lack of response from social networking sites, we’ve compiled a few tips, techniques and questions to ask yourself when evaluating an online profile. We hope that this information might prove be useful for both personal use and as an instructional tool.

Step 1: Assess the authenticity of the profile picture

This is really the easiest place to start. Drop the picture into Google’s reverse image search to see where else the image appears. TinEye, a dedicated reverse-image search engine, is also a great tool that can be used for to perform this search. If the picture is associated with many different names or profiles, it’s likely that you’re dealing with a scam account.

Step 2: Critique the bio

Catfishing accounts often use similar biographical components. Some red flags include:

  • A relationship status of “widowed” or “divorced” (obviously not all widowed or divorced people are catfishers, but this status in combination with other red flags might be an indication of a fake account)
  • A job that is of exceptional status and that may require a great deal of travel and/or periods without communication (e.g., military, engineer, oil worker, self-employed, shipping), making it easy for the scammer to make excuses for being absent, unavailable, or out of the country.
  • An “about” section that includes clichéd, romantic statements such as “looking for love” or statements that may stereotypically reinforce one’s integrity (as in this scammer profile below; also note that he describes himself as “God-fearing” and that there are obvious spelling mistakes in the name of the supposed alma mater – which we discuss more later):

1

Step 3: Investigate the profile name

The name on the account can also be a clue about the legitimacy of the account:

  • Many catfishers seem to pull from a list of popular names. If you search for the profile name on Facebook and lots of other profiles with the same name and similar occupations pop up, you may want to look more closely. At the time of writing, numerous “Nelson Colbert” profiles appear on Facebook and all seem to be fake profiles made up similar components discussed so far (e.g., stolen profile photo, suspect occupation, etc.).

2

  • Check to make sure that the name on the profile matches the name in the URL. Otherwise, it might be a sign that the scammer has had to change their profile name when a victim found them out.

3Google the profile name. Most people have at least some sort of digital footprint these days. Can you find the person? Does what you find match up with what they are telling you?

Step 4: Investigate the profile page

Some other elements of the profile to watch out for include:

  • Number of friends: Does the person have few friends? Do their friends interact authentically with them on their page, or do you only see the same people commenting/liking over and over again?
  • Types of friends: Often, if you are able to see the scammer’s friend list, it will consist overwhelmingly of people of the opposite gender (the target victims), as in this screenshot of a male scammer’s friend list:

4

  • Age of the profile: Is the profile brand new, or is there a history of photo uploads, status updates, posts from others, etc? Also, note that profile posts can be backdated and locations can be faked (as seen in the image below) to make a profile seem like it has a longer history than it actually does. However, the year that the (Facebook) profile was created can’t be faked.

5

  • Photos: Does the profile have only a few photos, or are there a variety of photos, including photos with others (watch out for pictures with children, as this can be part of the scam)? Do the photos look photoshopped (see “ghost dog” example below)?

    6
  • Mutual friends: Do you have any mutual friends? Note that having a small number of mutual friends isn’t necessarily a sign of legitimacy: scammers will sometimes friend a victim’s friends to make themselves seem more legit. If you have only a small number of mutual friends, it’s a good idea to contact those friends to see if they actually know the person. In many cases, your friend may have accepted the fake profile, due to less discerning personal protocols regarding “friending” or simply in error.
  • Language/grammar: Many scammers do not speak English as a first language. If you notice many spelling or grammar mistakes even though the person claims to be from an English-speaking country, proceed with caution.
  • Religious affiliation: Scammers will also often pose as devoutly religious individuals and sometimes use scripture or religious language to appear more trustworthy or to manipulate their victims through shared belief-systems. In fact, religion-specific dating sites such as Christian Mingle, JDate, or Shaadi are often used by scammers.

Step 5: Watch for tell-tale behaviours

Scammers often follow predictable patterns of behaviour, and there are some common red flags:

  • Use of a private messaging platform: A scammer will often quickly try to move the interactions over to email, SMS, or a different instant messaging platform. This is done so that if the original profile is identified as a fake account and removed by the social network, the scammer will not lose direct contact with their potential victim.
  • Rushing towards commitment: Scammers will try to move online relationships forward very quickly. It’s not uncommon for a catfisher to bring up marriage or to profess their love after only a few days or interactions; this helps to build a great sense of attachment and obligation, making victims more likely to agree to help the scammer later on.
  • Refusal to use video communication: Catfishers will often refuse to use anything but text or voice-based communication and will give excuses about poor connections to avoid having to Skype.
  • Out-of-sync, glitchy, or looped video: If a scammer does agree to video chat, their stream will generally be of very poor quality. This is because the scammer is usually using stolen footage that they found on Youtube or elsewhere online in order to fake a live conversation. In such cases, if audio is also present, it will appear to be out of sync with the video. Scammers may also cut video conversations short and complain of connectivity issues.
  • Repeated excuses to avoid meeting face to face: Catfishers will often make plans to meet up with their victims, but these plans will always fall through at the last minute for one reason or another.
  • Requests for compromising photos/videos: Often, scammers will request nude images or ask victims to participate in video chats of a sexual nature. These images or videos can then later be used to blackmail the victim, for instance, by threatening to send the files to the victim’s entire contact list or employer.
  • Emergencies: Once the catfisher has hooked their victim, they will likely be involved in some type of “emergency” situation. This might be an illness, loss of job, or the need to leave a location suddenly. In many cases, the scammer’s “children” may be involved.
  • Requests for money: This is obviously the top indication that you are dealing with a scammer. The request can take a variety of forms; two common techniques include advanced-fee fraud and requests for a money transfer through a company like Moneygram or Western Union (to make the money difficult to trace). Often, the victim will be told to send the money to someone other than the scammer (since the scammer is using a fake name).

Step 6: Ask for confirmation of identification

If you still aren’t completely sure whether or not you are dealing with a scammer, you can always ask for some form of confirmation.

  • Passport: Often scammers will provide a photoshopped passport as proof of identity (as in the image below). If the passport seems questionable, you can find images of real passports from various countries and compare them. You can also check out the passport photo guidelines for various countries (for instance, here are the US guidelines), which can help you determine if the photo meets the size/shape requirements.

7

  • Real-time photo or video: To verify identity, you can ask the individual to provide a real-time photo (with a newspaper with that day’s date, or holding up a certain number of fingers) or to perform certain actions while on video (raise one hand, clap hands, etc.). As well, if the scammer does provide a photo, be sure to check for signs of photoshopping, like in this picture below where the head has been (poorly) photoshopped onto the body and thus seems inordinately large.

8

  • At this point, we also can’t stress enough the need to use your common sense. If a profile just seems too good to be true, it unfortunately probably is (just like you don’t really have a secret relative who is the king of an African country and wants to share his wealth with you).

Step 7: Block, report, and warn others

Once you have determined that you are communicating with a scammer profile, there are a few steps you should take:

  • Report: Most social networking or dating sites have some sort of reporting tool. Often, reporting a profile will lead to it being taken down, preventing future scams on that account. As well, many victims report fake profiles to sites like Romance Scam or to Facebook groups set up to share information on scammers.
  • Block: Once you have reported the profile, you should unfriend and block the user. You may believe that the damage is already done, but if you do not unfriend and block the scammer, they will still have access to your photos, account info, and friends list. As well, people may see that you are friends with the scammer and take this as a sign that they can safely friend the account themselves.
  • Warn others: Another good step is to warn others in your circle of friends, especially if you notice that the scammer is attempting to connect with other members of your contact list.
  • Be vocal: Although there have been many attempts to improve policies at social networking services (we’re looking at you, Facebook), ultimately it will likely take a critical mass of complaints, media coverage, and awareness in order to achieve real change. So make you voice heard!

Other things to look out for:

  • Scammer “families”: In some cases, scammers will create an elaborate network of friends and family in order to bring legitimacy to the scammer profile. For instance, the fake Alex Gallart’s circle of contacts included his mother, friend, and daughter (of these, only the mother’s profile, Maria Gallart, is still up). In this case, scammers were actually using real photos of Alec’s family members to build the fake family.
  • Twinned accounts: One technique we’ve seen more of recently is when scammers create accounts that are essentially doubles of existing accounts. For instance, see these two photos:

9

Scammers will use these profiles to connect with the real person’s friends and family, who simply think they are (re)connecting with the victim. Then, the scammer can use a variation on the “grandparent scam”in order to ask friends and family to send money to deal with an emergency.

Facebook Is Still Broken …

I received this email a few minutes ago (and a few hours after I noticed that my Facebook account was down).

Katia_Hildebrandt_says___

For the fourth time, Facebook has disabled my account because the company doesn’t believe I am who I say I am.

Yes, apparently I’m the one with the fake account.

Not “Cole Kevin” or “Barnes Steven Lane” or “Steward Nathan” or “Obrien Gary Neil” or “Michael Walter” or “Nelson Colbert” or “Trofimov Sergei” or one of the hundreds of other fake accounts that I have reported to Facebook for using my images to scam vulnerable women across the globe. No. Once again, Facebook has decided to disable my account for using a fake name.

Despite the fact that I’ve already had to submit my government-issued ID to Facebook in each previous case.

Despite the fact that my account is nearly a decade old and linked to 2000+ Facebook friends.

Despite the fact that I’ve had countless media interviews about the problem.

If it can happen to me, it could certainly happen to you.

I’m starting to feel like a broken record, but I really need your help. Please share so that we can get Facebook’s attention. The reporting system is badly flawed, and as I’ve written previously, Facebook really needs to get it fixed.

Facebook Is About To Make Catfishing Problems Even Worse

Scam Computer Keys Showing Swindles And FraudImage via Careful Parents

Over the past week, I’ve had a number of people share articles with me related to Facebook’s testing of a new feature that is purported to alert Facebook users when it finds that someone is impersonating your account. Once the user is alerted, that user is then able to report the fraudulent account and pray that Facebook will take it down. However, given my 8 years of experience with this problem, I feel that I am qualified to say that this approach will simply not work for a number of reasons.

  1. Facebook often fails to take down fraudulent profiles: While I have successfully had Facebook take down hundreds of fake profiles (I find several new ones each day), there are certain profiles that it simply does not take down. For instance, I’ve been trying to get Facebook to take down the account of “Trofimov Sergei” (a user who is clearly using a profile photo of me and my son) for over a year now. Yet, no matter how many times I report the account, the profile remains. More disturbing is the fact that if you search for “Trofimov Sergei” on Facebook, you will see dozens of fake accounts by the same name using stolen photos of other men. Most of the deception is done in private communication with the (potential) victims, but every once in a while, you will find a public post where the fraudsters are asking for money for a feigned illness. Luckily, there are many people (often former victims) who do uncover and share their knowledge of these fraudulent accounts in order to contain some of the damage.
  2. Scammers may use photos of your children as their profile photo: After hundreds of reports, Facebook still refuses to take down the account of “Nelson Colbert,” a scammer who is using photos of my children as a profile photo. When you report an impersonation in Facebook’s current reporting tool, you ultimately have to choose one of the following: A) “This timeline is pretending to be me or someone that I know”, or B) “This timeline is using a fake name.” I have been completely unsuccessful when using Option B, and I have had only limited success with Option A: when you choose this option, you are asked to identify the user who is being impersonated, but when I identify myself, Facebook quickly rejects the report as it is clear that I am not the person in the profile photo. I have attempted to use Facebook’s “Report An Underage Child” tool (which is only available in Canada after you logout, apparently), but this has also been completely unsuccessful. The most unnerving part of this particular profile is that I receive more reports about it from victims than I do about any other. In fact, there are literally dozens of pages of search results that relate to “Nelson Colbert” and this scammer’s involvement in fraudulent activities. Yet, it appears that Facebook has made this account untouchable. I suspect that the scammer behind it may have created falsified documentation to get the account validated internally.
  3. Scammers may use your elderly mother’s photo as their profile picture: These criminals often create sophisticated networks of friends and family in their schemes. For instance, the scammers created a fake profile using my mother’s photos and named her Maria Gallart. I cannot report this profile directly to Facebook; instead I am only able to report it to my mother to deal with it. I did so, and as you would imagine, the distress, anxiety, and uncertainty that this caused my nearly 80-year-old mother was not something that she needed nor something that she necessarily knew how to deal with. And even with my assistance, reporting the fraudulent account from my mother’s account (many times) has not led to the account being taken down.
  4. Facebook doesn’t always believe the “real” person in cases of identity fraud: Facebook has taken down my account twice because a scammer reported me as being the fake Alec Couros. In both cases, I had to submit my passport to Facebook via email for verification (which is incredibly problematic for security reasons). I am unsure of why I had to do this twice, and I am puzzled as to why my account wasn’t verified either time (even though I have applied for verified status). Facebook’s proposed system will have to rely on verifying an account using a secure, consistent, and foolproof system if it is to be successful. To date, the company has failed miserably in this respect.
  5. Facebook’s proposed system could give an advantage to the criminals: Fraudsters have often used photos of me that I have never previously used on Facebook. Based on the incomplete details provided so far about this new alert system, one might assume that if I were to use any of my personal photos after a scammer had done so, I would be the one flagged as an impersonator. Thus, the criminal might easily be regarded as having the authentic profile, which sounds like really bad news.

The Mashable article shared at the beginning of this post states that Facebook is rolling out these features as the company attempts to push its presence into regions of the world where “[impersonation] may have certain cultural or social ramifications” and “as part of ongoing efforts to make women around the world feel more safe using Facebook.” If that is the goal, Facebook’s proposed technology won’t help, and it may very well make things worse for women (or anyone) using the site. Already, Facebook is plagued with identity thieves who adversely affect the safety, comfort, and freedom of many of its users, and the problem will only continue to grow with these types of half-baked efforts. You may not be affected now, but unless Facebook does something to fully address this issue, you almost certainly will be.

The Future of Identity Theft

I’ve written and spoken extensively about my problems with romance scammers, criminals who have used my photos (and the photos of many others) to create fake profiles and trick victims into sending them significant amounts of money. In my research, I’ve learned that many potential victims ask for a video chat with scammers as a way for them to prove their identities. In fact, participating in a video chat and then asking supposed suitors to perform particular actions on request (e.g., hold up two fingers on your left hand) is often touted on anti-scammer sites as a way to ensure that the person that you are talking to is in fact who they say they are and not a scammer who may be using recorded video as their video source (a common and frightening possibility).

Well, verifying identity online has just become even more complex. As you have already likely discovered, there are a number of freely available apps (e.g., SnapchatFaceSwap Live, MSQRD) that allow for live face-swapping. In fact, MSQRD was recently purchased by Facebook, and there have been suggestions that face-swapping could become more directly integrated into the social network. If you have used one of these apps, you’ll likely agree that face-swapping can be a lot of fun, but these are fairly touchy/glitchy apps and their use could be easily detected. However, this may not be the case for long.

Researchers from Stanford University recently released a project that works to “animate the facial expressions of the target video by a source actor and re-renders the manipulated output video in a photo-realistic fashion.” The results are incredible, but the implications for identity theft are incredibly frightening, in effect allowing scammers to become puppet masters who manipulate the faces and bodies of their fake profile avatars. Takes the idea of “authentic identity” to a whole new level, doesn’t it?

r/NextSpace (Reddit)

For a number of years, I’ve enjoyed using Reddit as a source for my daily reading. Reddit, often known as “the front page of the Internet,” is often where one can find stories and trends before they go viral in the mainstream. As well, because of the networking and conversational properties of the spaces, I’ve often mused about the potential of Reddit as a space where educational conversations might be hosted and shared. There are several education-related subreddits (specifically-themed topics or communities) such as r/education and r/edtech, but these spaces tend to be a bit stagnant.

Just recently, my friend @j0hnburns (and colleagues) took on the idea of developing a new subreddit at r/NextSpace with the goal of creating a space where deeper conversations around edtech related topics could be hosted and shared. He’s written about the launch and has included the overall rationale, how to get to started with Reddit, and how to contribute to r/NextSpace.

To help with this launch, I’ve agreed to do an AMA (Ask Me Anything) starting on Monday March 14th, 8pm EST (or see your time conversion here). To participate, check out this AMA thread, ask questions (you can post them early if you like), upvote or downvote the questions or comments of others, and I will do my best to respond to whatever gets asked. I know I’m nowhere near as big of a draw as those who have led some of the most popular AMAs, but hey, I’d like to help in any way to get this started. Plus, I think I have a lot to share regarding my thoughts on edtech, digital citizenship, digital identity, or other related topics. And of course, an AMA is about what you contribute as well!

So I hope that you will give Reddit and r/NextSpace a try, and hopefully I’ll hear from you at the AMA next week!

Catfishing Tricks Become More Complex

Yesterday, I received the following Facebook message:

Message from "Bola Shagaya"

I posted this to my Facebook wall when I received it, and it was interesting to hear from several people who felt they might have been fooled had they received the same message. After nearly a decade of becoming familiar with the tricks of these scammers, I question just about every angle. While this was the first time that I have received a message like this, the motive for the message seemed obvious to me. A photo of me that verifies the date would make it possible for a scammer to “prove” they were really me (rather than just using old photos). As well, if I had Googled the name of the sender (like my colleague Katia did), I might have wondered how this famous Nigerian business woman had the time to message me personally (and perhaps even why she cared about a mere 150K).

Today, I was contacted by another person on Facebook who had heard from her friends that a profile with her name, photos, and identifying information was trying to friend many of them. Several reported this to be suspicious so she immediately warned her friends with a status update. I asked her where the fake profile was and she found it for me. What we noticed was really sneaky (and horrible).

See below, the real person’s profile:

Joy_Brennan

Now, look at the fake profile:

Joy_Brenan

Do you see the important difference? The profile and header photos are the same in each. The friend count is certainly different. But the big thing is the spelling of the name. The authentic profile is “Joy Brennan” (two ‘n’s) and the fake profile photo is “Joy Brenan” (one ‘n’). The especially sneaky part is that if you were to try and search for fake Facebook profiles with your photos and name, this would make these much more difficult to find.

So why would the scammers do something like this? My guess is that they were hoping to perform a scam such as the common “email hijack,” where members of an existing friends/family network could eventually be tricked into sending money due to a contrived distress call (e.g., I was robbed while traveling, please wire me money).

So there you have it – a couple more scams to be concerned about. Oh, and Facebook still isn’t doing anything about these problems.

Continued Catfishing Woes

Landing in Regina tonight, I checked my phone to find the following tweets directed at me.

From what I was able to understand, it appears that this tweeter has been chatting with a person by the name of James Vardy who is using my photos (as seen in the screenshots). However, she believes that I’m the guy she is actually talking to and that I’m “sick” and a “pervert”. A quick search in Facebook brought up this fake profile that I have now reported. Below is a screenshot in case it actually gets taken down by Facebook (which is rarely ever the case).

James Vardy Fake FB Profile

James Vardy Fake FB Profile

It was difficult to make out exactly what happened between this tweeter and the scammer. It sounds like the scammer didn’t want to use video during chat, but this tweeter did and it broke his “rules”. The scammers obviously would much rather communicate via audio or text because video can give up their identity (unless they are exploiting the videos of those they impersonate such as in the manner that I describe in this clip). Even so, this fake video approach only works in small doses and scammers only use it to strengthen their deception and then continue on via text and voice.

You’ll also notice that the tweeter opens up with accusations that I was showing her my “privates”. Sigh. I’m not sure if this tweeter actually saw someone’s privates on her screen, but I know that this sort of explicit interaction is commonly sought out by scammers to provoke their victims to share the same. Once the scammers have captured explicit photos of their victims, the scammers can then blackmail victims for money or in rare cases, the victims can become scammers themselves.

After reading these tweets, I quickly alerted the tweeter that she was speaking to a scammer. I also sent her this resource that I prepared to help victims understand their situation. She didn’t seem to believe me.

 

Fun, hey? I didn’t bother replying after that. While her tweets are public, my replies only bring publicity to the situation and I assume that most people who read my tweets don’t actually know about my long-term catfishing predicament.

It’s honestly exhausting dealing with this. And, I’m not the only one who is having to do so. Check out Alan’s latest post on his efforts in trying to get Facebook to take down a scammer account that is using his photos. This overall situation is only going to get worse, and social networking services continue to look the other way.

And hey, just wait until face swap technology gets a bit better … then we’re pretty much all doomed.

Romance Scams Continue And I Really Need Your Help

If you follow me closely, you know that I’ve been discussing romance scams (also known as “catfishing”) for several years now. In short, a romance scam is where criminals will harvest photos from social media and dating site profiles and then use these photos to set up fake profiles on these same sites to enter into online relationships with individuals for the purpose of defrauding victims out of money. A more technical definition of the term romance scam is provided below.

A romance scam is a confidence trick involving feigned romantic intentions towards a victim, gaining their affection, and then using that goodwill to commit fraud. Fraudulent acts may involve access to the victims’ money, bank accounts,credit cards, passports, e-mail accounts, or national identification numbers or by getting the victims to commit financial fraud on their behalf. (Wikipedia)

For at least eight years, scammers have been using my photos, and the photos of my family, to commit these crimes. I hear from new victims on a daily basis as they frequently find the “real” me through my previous writings on the topic. Unfortunately, many victims find out too late, often after they have already sent significant amounts of money to these scammers and/or have developed a significant emotional attachment. These are deeply complex crimes that rely on a victim’s capacity for love, trust, and good will for the execution of fraud.

Today, I read a victim’s report on a Facebook group that is dedicated to raising awareness of these scammers. The post is worth the read in itself as it highlights some of the tactics used in these cases. Relevant in this case is that the victim pointed to several social media profiles that were created with my photos and the photos of my family. I’ve included screenshots of these fake profiles below with some added context.

First, there is the fake profile using my photos and the name Alex Gallart. The use of a similar first name is notable as past victims have told me that once they found my real identity they would approach the scammers with evidence of me actually being “Alec Couros”. In turn, the scammers would simply say that they use slightly different names or surnames for whatever purpose (e.g., mother’s name, professional name, etc.). In many cases, this additional lie seems to be taken up as plausible.

AlecGallart

Then there’s photos of my real brother George whose fake name is John Williams in this case. Scammers will set up networks of fake profiles and communicate to victims from each of these to validate the key profile’s identity.

JohnWilliam

Then, why not throw in photos of my real daughter as well? In this case, the scammers use the fake name of Clara Gallant to set up yet another profile. Alec Gallart seems to be more authentic with each additional connection.

ClaraGallart

Wait. Not real enough for you? How about we add photos of my real mother in yet another fake profile. As we know, grandmas will never lie to you.

MariaGallart

But I guess that wasn’t enough. A family’s set of fake profiles is pretty convincing, but the scammers felt that they needed to go the extra mile to make Alec Gallart even more convincing. The scamers thought it would be great to exploit my father’s death (he passed away in 2013) by including this photo of my children at his burial mound.

_1__Maria_Gallart

And they also included this photo of my mother remembering my father’s death via Facebook.

_1__Maria_Gallart 2

So there you go. The more complex the social network becomes, the more convincing the scam will be.

So, this is where I need your help. This happens to me every single day. But it’s not just happening to me. It’s also happening to thousands of others on a daily basis. But, Facebook and other social networks just simply do not acknowledge that this problem exists. For instance, there is no specific way to report these accounts as romance scammers in Facebook’s reporting tool. In fact, as you can see by my friend Alan’s experience, these fake accounts will often be deemed as following Facebook’s community standards!

Back in August, Facebook announced 1 billion daily users. I am sure that number pleases their investor’s but I wonder how valid that claim is considering I’ve personally reported many hundreds of fake accounts and there are logically thousands more that I do not know of. Multiply my reality by the thousands of other people’s profile photos that are being used and I begin to feel that Facebook is intentionally not addressing this reality due to their significance.

But even if these accounts don’t really put a dint into the one billion user reality, there are serious implications here for the identities and well being of their current and future users. A social media site needs to feel safe if one is to connect, share, and communicate with other users, especially with those that we do not know so well. Facebook needs to do something about this problem, but I am convinced that they won’t act unless there is some heat on this issue.

So please, share this post widely. I want Facebook to acknowledge this problem. But more so, I want this issue to get to someone at Facebook that can help address this problem through the revamp of their reporting service and through a number of possible mechanisms to detect the scammers before they can hurt people. I’ve got ideas on how this can be done, but I need to be connected to someone who can address these changes.

If you want to know more about these romance scams, I’ve written several other posts and created several Youtube screencasts. See below. And, thanks for any help you can provide.

The Real Alec Couros

(Digital) Identity in a World that No Longer Forgets

[This post was written jointly with Katia Hildebrandt and also appears on her blog.]

In recent weeks, the topic of digital identity has been at the forefront of our minds. With election campaigns running in both Canada and the United States, we see candidate after candidate’s social media presence being picked apart, with past transgressions dragged into the spotlight for the purposes of public judgement and shaming. The rise of cybervigilantism has led to a rebirth of mob justice: what began with individual situations like the shaming of Justine Sacco has snowballed into entire sites intended to publicize bad online behaviour with the aim of getting people fired. Meanwhile, as the school year kicks into high gear, we are seeing evidence of the growing focus on digital identity among young people, including requests for our interning pre-service teachers to teach lessons about digital citizenship.


All this focus on digital identity raises big questions around the societal expectations about digital identity (i.e. that it’s sanitized and mistake-free) and the strategies that are typically used to meet those expectations. When talking to young people about digital identity, a typical approach is to discuss the importance of deleting negative artefacts and replacing them with a trail of positive artefacts that will outweigh these seemingly inevitable liabilities. Thus, digital identity has, in effect, become about gaming search results by flooding the Internet with the desired, palatable “self” so that this performance of identity overtakes all of the others.

But our current strategies for dealing with the idea of digital identity are far from ideal. From a purely practical perspective, it is basically impossible to erase all “negatives” from a digital footprint: the Internet has the memory of an elephant, in a sense, with cached pages, offline archives, and non-compliant international service providers. What’s more, anyone with Internet access can contribute (positively or negatively) to the story that is told about someone online (and while Europe has successfully lobbied Google for the “right to be forgotten” and to have certain results hidden in search, that system only scratches the surface of the larger problem and initiates other troubling matters). In most instances, our digital footprints remain in the control of our greater society, and particularly large corporations, to be (re)interpreted, (re)appropriated, and potentially misused by any personal or public interest.

And beyond the practical, there are ethical and philosophical concerns as well. For one thing, if we feel the need to perform a “perfect” identity, we risk silencing non-dominant ideas. A pre-service teacher might be hesitant to discuss “touchy” subjects like racism online, fearing future repercussions from principals or parents. A depressed teenager might fear that discussing her mental health will make her seem weak or “crazy” to potential friends or teachers or employers and thus not get the support she needs. If we become mired in the collapsed context of the Internet and worry that our every digital act might someday be scrutinized by someone, somewhere, the scope of what we can “safely” discuss online is incredibly narrow and limited to the mainstream and inoffensive.

And this view of digital identity also has implications for who is able to say what online. If mistakes are potentially so costly, we must consider who has the power and privilege to take the risk of speaking out against the status quo, and how this might contribute to the further marginalization and silencing of non-dominant groups.

In a world where forgetting is no longer possible, we might instead work towards greater empathy and forgiveness

Our current strategy for dealing with digital identity isn’t working. And while we might in the future have new laws addressing some of these digital complexities (for instance, new laws are currently being proposed around issues of digital legacy) such solutions will never be perfect, and legislative changes are slow. Perhaps, instead, we might accept that the Internet has changed our world in fundamental ways and recognize that our societal mindset around digital missteps must be adjusted in light of this new reality: perhaps, in a world where forgetting is no longer possible, we might instead work towards greater empathy and forgiveness, emphasizing the need for informed judgment rather than snap decisions.

So what might that look like? The transition to a more forgiving (digital) world will no doubt be a slow one, but one important step is making an effort to critically examine digital artefacts before rendering judgment. Below, we list some key points to consider when evaluating problematic posts or other content.

Context/audience matters: We often use the “Grandma rule” as a test for appropriateness, but given the collapsed context of the online world, it may not be possible to participate fully in digital spaces if we adhere to this test. We should ask: What is the (digital) context and intended audience for which the artefact has been shared? For instance, was it originally posted on a work-related platform? Dating site? Forum? News article? Social network? Was the communication appropriate for the platform in which it was originally posted?

Intent matters: We should be cognizant of the replicability of digital artefacts, but we should also be sure to consider intent. We should ask: Was the artefact originally shared privately or anonymously? Was the artefact intended for sharing in the first place? How did the artefact come to be shared widely? Was the artefact made public through illegal or unethical means?

History matters: In face to face settings we typically don’t unfriend somebody based on one off-colour remark; rather we judge character based on a lifetime of interactions. We should apply the same rules when assessing a digital footprint: Does the artefact appear to be a one time thing, or is it part of a longer pattern of problematic content/behaviour? Has there been a sincere apology, and is there evidence that the person has learned from the incident? How would we react to the incident in person? Would we forever shame the person or would we resolve the matter through dialogue?

Authorship matters: Generations of children and teenagers have had the luxury of having their childhoods captured only by the occasional photograph, and legal systems are generally set up to expunge most juvenile records. Even this Teenage Bill of Rights from 1945 includes the “right to make mistakes” and the “right to let childhood be forgotten.” We should ask: When was the artefact posted? Are we digging up posts that were made by a child or teenager, or is this a recent event? What level of maturity and professionalism should we have expected from the author at the time of posting?

Empathy matters: Finally, we should remember to exercise empathy and understanding when dealing with digital missteps. We should ask: Does our reaction to the artefact pass the hypocrite test? Have we made similar or equally serious mistakes ourselves but been lucky enough to have them vanish into the (offline) ether? How would we wish our sons, daughters, relatives, or friends to be treated if they made the same mistake? Are the potential consequences of our (collective) reaction reasonable given the size and scope of the incident?

This type of critical examination of online artefacts, taking into consideration intent, context, and circumstance, should certainly be taught and practiced in schools, but it should also be a foundational element of active, critical citizenship as we choose candidates, hire employees, and enter into relationships. As digital worlds signal an end to forgetting, we must decide as a society how we will grapple with digital identities that are formed throughout the lifelong process of maturation and becoming. If we can no longer simply “forgive and forget,” how might we collectively develop a greater sense of digital empathy and understanding?

So what do you think? What key questions might you add to our list? What challenges and opportunities might this emerging framework provide for digital citizenship in schools and in our greater society? We’d love to hear your thoughts.

How Romance Scammers Port Video Files Over Skype

I’ve had many victims of ‪#‎romancescams‬ (where scammers used my photos) ask me how it was possible that they saw “me” over Skype. From these conversations, I’ve discovered that the scammers used a technique to port video over Skype to further fake someone’s identity. This appearance over video was often reported by victims as the convincing moment where they felt that they were talking a real person (vs. the fabricated identity). I’ve created a short screencast to explain how this works. Please share – it may save someone from falling into one of these scams. Thanks.