Posted by: David Harley | March 5, 2013

A Load of Old Pit Bull (Bulldog, Staffie, Bull Terrier…)

Beware of the Dog (the hamster has a nasty temper, too).

A few weeks ago I started seeing alerts on Facebook alleging that dogs and other animals are being stolen from houses in Perth, Western Australia – large dogs for training for dogfighting, small dogs and other animals for ‘blood animals and training.’

Other versions of the story claimed – as noted by Hoax-Slayer – that “gang members posing as leaflet deliverers or walkers are marking properties that have suitable dogs with coloured stickers so that they can come back later and steal the animals. Supposedly, red stickers are for large dogs, yellow for medium sized dogs and pink for small dogs.” (Perth Dog Fighting Gang ‘Coloured Stickers’ Hoax) 

Even before I saw the Hoax-Slayer article, my hoax sensors were flashing, but I didn’t have time to follow it up at the time. Now I see that the same story has grown a UK variant.

I know that dogfights (and badger-baiting and so on) are a serious problem here in the UK as elsewhere, and pets could be stolen for related purposes (though fighting dogs are normally trained from puppies), but why would you mess about with this sticker stuff?

Snopes has also picked up this story. The police in Western Australia have already dismissed the hoax, and hopefully police forces in the UK will follow suit before this thing becomes epidemic. It does, after all, have the potential to waste an awful lot of their time. This story is exploiting natural concerns about cruelty in order to propagate a pointless hoax.

David “there must be more to the internet than hoaxwatching” Harley

Posted by: David Harley | March 5, 2013

Hoax commentary on Infosecurity Magazine blog

By me, that is: Cruising the Misinformation Superhighway

Includes pointer to my recent ESET paper: Origin of the Specious: the Evolution of Misinformation

David Harley

Posted by: David Harley | March 4, 2013

Identifying hoaxes

I’ve always felt that it’s better in principle to help people to identify potential hoaxes for themselves and check them out accordingly, rather than take the pure dictionary approach (i.e. simply list each hoax as it comes along). In practice, a well-maintained ‘dictionary’ site is a treasure. Even people who can detect a hoax (or semi-hoax) at 50 paces sometimes need information that goes beyond their own scepticism and intuition.

For instance, in order to convince others, who can be very reluctant to let go of a pet meme. After all, it’s not very nice to be told, however politely and considerately, that you’ve fallen for some mean-spirited hoaxer’s attempt to boost his own ego at your expense.

Adam Pash’s post at Lifehacker on How to Identify and Avoid Spreading Misinformation, Myths, and Urban Legends on the Internet does a good job of providing the aspiring hoaxbuster with some resources for checking a suspected hoax. He uses as an example a heavily retweeted quotation incorrectly attributed to Martin Luther King Jr. after a Facebook update regarding the death of Osama Bin Laden was misinterpreted or misquoted. The list of attributes to a message that ought to trip an anti-hoaxer’s sensor is longer and more varied than that single example suggests – maybe I should get back to that – but the list of checking resources is worth summarizing here (though I also recommend that you check out the Lifehacker blog).

  • Unsurprisingly, he recommends Snopes (not just for its encyclopaedic listings and well-researched commentary, but also for the up-to-date info and discussion on its forums).
  • He also suggests BreakTheChain.org and TruthOrFiction.com and points to a longer list of resources by Tim Malone.
  • He draws attention to the use of Google’s date range filter.
  • He also draws attention to the difficulty of confirming a scam when the scammer floods the Internet with fake recommendations. (To all intents and purposes, a manifestation of Black Hat Search Engine Optimization.) However, similar issues arise with messages that are classified as (semi-)hoaxes rather than as scams. To take a simple example, you’re likelier to get a useful hit if you add the word “hoax” to your search terms straightaway: otherwise, you may get several pages of sites where the hoax is simply uncritically quoted or recycled.
  • And finally, one I hadn’t come across before: Dustin Luck’s Debunkadunk custom search engine, which throws your search terms at a range of specialized web sites like Snopes.

David Harley CITP FBCS CISSP
Small Blue-Green World
ESET Senior Research Fellow

Posted by: David Harley | March 4, 2013

Not all rape advice is good advice

Social media networks like Facebook and Tumblr are currently seeing an epidemic of a chain message that generally goes under the title through a rapist’s eyes – or even THROUGH A RAPIST’S EYES. (As we all know, if it’s in block capitals it must be true.) It offers advice to women that is claimed to have been put together on the basis of interviews with rapists and date rapists in prison.

Me, I believe everything a criminal tells me. Why wouldn’t I? Except that there’s no indication in the versions I’ve seen currently circulating, as to the source of the survey information and other statistics quoted. A 2001 version cited by the ever-reliable snopes.com clearly indicates that the (probably) original message derives from an email from an employee at a New Orleans PR firm who attended a self-defence class taught by one David Portnoy. I have no idea how effective the physical training may have been, but it appears that he was far from forthcoming about his informational sources.

Snopes’s Barbara Mikkelson does a pretty good job of debunking the ‘one size fits all’ view of rapist behaviour and motivation in Assaulted Tale (aka This Bird Won’t Fly) but does concede that a little situational awareness is a Good Thing (in this context as in many others – it would certainly have saved me from being mugged a few years ago). She quotes research from the 1980s that posits a triple motivational typology: anger, power, and sadism. (Rapists don’t generally seem to be people who can’t get sex any other way, and sexual satisfaction isn’t necessarily the main driver.) Of course, rapists are individuals, not types: I don’t think anyone is arguing that three disjoint sizes fit all. Unfortunately, defensive behaviour will work better with some individuals than others: putting up a fight will deter some, but enrage or titillate others.

An insightful post on the same theme is Why looking through a rapist’s eyes isn’t going to help you. Another is Analysis of “Through A Rapist’s Eyes”. Meanwhile, most of the statistics from the Rape, Abuse and Incest National Network – apparently based on Department of Justice figures – directly contradict those cited in the chain message.

I’d rather you read that material for yourselves than have me rewrite it all from scratch, but here are a few of the most salient points for comparison. Note that most of these data points are US-specific and not necessarily recent: the point is that they are check-able statistics, not unsupported assertions. I’d be delighted if you were to check them, and by all means let me know if you find something I didn’t check carefully enough. Though that might not delight me. ;-)

  • There is no evidence that long hair makes a woman significantly more vulnerable than short hair. Or overalls!
  • The assertion that 5.0-8.30 a.m. is the hotspot for sexual assault isn’t supported by the Department of Justice statistics.
  • There is evidence that considerably more than 2% of rapists carry weapons. Mikkelson cites a 1995 DoJ figure of 30%: crime-safety-security.com states that ‘Roughly seven percent of acquaintance rapists and thirty percent of stranger rapists use a weapon to intimidate the victim.’ According to a list of rape myths posted at the University of Minnesota, 14% of the rapes reported to the Orange County Rape Crisis Center involved the use of a weapon. 74% involved physical force and/or threats of force.
  • The New Mexico Clearinghouse on Sexual Abuse and Assault Services Rape and Sexual Assault Statistics Report indicated that “rape/sexual assault victims were most likely to be raped/sexually assaulted at home (33.7%) or at or near a friend/relative/neighbor’s home (21.3%)”. There’s no universal evidence that parking lots and public toilets are hotspots. However, the New Mexico report does suggest that certain locations (including parking lots and garages) are common locations for stranger rape. But as Mikkelson points out, it’s probably isolation that’s the common factor, not specific location preference.
  • Talking of stranger rape, the UK’s Rape Crisis Centre states that “only 9% of rapes are committed by ‘strangers’.” An American source, however, citing a 1994 report on Criminal Victimization in the United States, puts the figure at 33%, as does the New Mexico report. Clearly, there are many factors that might account for regional variations.
  • I really wouldn’t rely on that assertion that a predator with a gun will only hit a running target 4 times out of a hundred, especially at close range. Obviously…

It might sometimes be better to ignore the logical deficiencies of such messages because some of the advice may be helpful, I suppose, but in this case, I can’t learn to love all the contradictions and contraindications, the unsupported assertions, the ‘pot & kettle’ emotional blackmail trying to compensate for a lack of useful, verifiable comment:

If u have a heart or compassion share this photo.

WE CAN SHARE JOKES AND SPAM MAILS TO OUR FRIENDS & NETWORKS
PLEASE FOR ONCE SHARE THIS AND
LETS TRY TO HELP THEM.

Not to mention the fact that even if this message was more likely to reduce the number of assaults, it seems intent on diverting the blame from the perpetrator to the victim.

Why is the victim of rape, unlike any other crime victim, always in part, or totally, held responsible for a man’s criminal choice? Why don’t we ever ask him why he did it and refuse to accept any self-serving, victim-blaming excuses from him? Why are we so quick to give alleged sex crime perpetrators the benefit of our collective doubt, but never the alleged perpetrators of other crimes?

“Rape is the only crime in which the victim becomes the accused.” – Freda Adler

David Harley CITP FBCS CISSP
Small Blue-Green World

Posted by: David Harley | March 1, 2013

The evolution of misinformation

The paper Origin of the Specious: the Evolution of Misinformation has been quite a long time coming. It was originally intended for Elsevier, for an Information Security Technical Report, but I withdrew it when the project seemed to have stalled for an inordinately long time. Late last year, I found it lurking on my to-do list, did some updating, and the final version is now available on the ESET Threat Center white paper page (as previously flagged here).

Hat tip to Stephen Cobb for nursing it through the publication process.

David Harley CITP FBCS CISSP
Mac Virus/Anti-Malware Testing/Small Blue-Green World
ESET Senior Research Fellow

Posted by: David Harley | February 27, 2013

Farewell, Angelina, the belle of the town*

I haven’t done much on this blog recently: not because spam, scams and hoaxes have disappeared, but because there’s always lots else going on in the security threat business.

However, I couldn’t resist blogging about a conference scam email I received apparently signed by the eponymouse (sic) dancing rodent AngelinaBallerina: Scam conference invites: a tail of several cities. More mousetrap than honeytrap…

Subsequently flagged by Softpedia here. And another famous mouse works on his darker side here.

There’s also a hoax/social media white paper due out shortly on ESET’s Threat Center page. I’ll flag the paper itself here when it’s up, of course.

David Harley CITP FBCS CISSP

* Farewell Angelina – almost…

Posted by: David Harley | February 25, 2013

Talking Angela Blues

Graham Cluley has reported on a hoax – or maybe semi-hoax – spreading on Facebook. The hoax looks like this:

WARNING FOR TO ALL PARENTS WITH CHILDREN THAT HAVE ANY ELECTRONIC DEVICES , EX : IPOD,TABLETS ETC .... THERE IS A SITE CALLED TALKING ANGELA , THIS SITE ASKS KIDS QUESTIONS LIKE : THERE NAMES , WHERE THEY GO TO SCHOOL AND ALSO TAKE PICTURES OF THEIR FACES BY PUSHING A HEART ON THE BOTTOM LEFT CORNER WITHOUT ANY NOTICES . PLEASE CHECK YOUR CHILDREN'S IPODS AND ALL TO MAKE SURE THEY DO NOT HAVE THIS APP !!! PLEASE PASS THIS MESSAGE ON TO YOUR FRIENDS AND FAMILY MEMBERS THAT HAVE KIDS !!!!

There is, in fact, a Talking Angela iOS app, but according to Sophos, the app is quite harmless. Graham’s blog is here: Talking Angela iPhone app scare spreads on Facebook

David Harley CITP FBCS CISSP
Mac Virus/Anti-Malware Testing/Small Blue-Green World
ESET Senior Research Fellow

Posted by: David Harley | February 19, 2013

Job scammers will take anyone’s money

Urban Schrott, my friend and colleague from ESET Ireland, has published a blog post on those cold-hearted individuals who prey on jobseekers. (No, I mean scammers, not the government.)

It’s all too common for job offers to turn out to be some form of 419 or other Advance Fee Fraud (AFF) or a poorly paid work-from-home job. However, Urban also quotes an email that looks like a particularly unpleasant variation, where the job offered is actually participating in money laundering as a money mule. Unpleasant, because it’s possible for a naive victim to believe they’re working for a legitimate company and not realize that they’re breaking the law until the police come a-knocking.

These are global problems, not just an issue in Ireland, by the way: Urban’s article is Irish unemployed baited by online scammers

David Harley CITP FBCS CISSP
Small Blue-Green World
ESET Senior Research Fellow

Posted by: David Harley | February 13, 2013

It’s a wonderful hoax

Just a pointer to a recent blog on the ESET Threatblog: It’s a Wonderful Hoax. It looks at two hoaxes that have been conflated into one chainletter (also seen on social media, especially Facebook): the “don’t have anything to do with Joe Bloggs because he’s a hacker” type of hoax, and the “Don’t open a message called [something or other] or an attachment called [something or other] because it will blow up your PC and set fire to your garden shed” (or something like that) hoax type. Oh, the nostalgia: Good Times, Olympic Torch, Life is Beautiful, all those hoaxes of yesteryear. The Untruth is still out there.

There are, of course, attachments that you certainly shouldn’t open, but mailing the entire internet to tell everyone about a threat that doesn’t exist isn’t productive…

David Harley CITP FBCS CISSP
Small Blue-Green World/AVIEN/Mac Virus/Anti-Malware Testing
ESET Senior Research Fellow

Posted by: David Harley | January 17, 2013

Good article on Facebook scams

I just came across an excellent article by Zeljka Zorz for Help Net Security, on Facebook scams and why users fall for them. It’s a pretty comprehensive list of common Facebook scams, including scams directly related to FB itself, ‘something for nothing’ scams, fake news, and ‘OMG’ sensational stories. Additionally, it includes a decent list of the sort of data the scammers are trying to harvest, and why people fall for the scams.

A follow-up post is promised that will consider what to do if you fall for something like this.

(Hat tip to Facecrooks for drawing my attention to the first article.)

Like. :)

David Harley CITP FBCS CISSP
Small Blue-Green World/AVIEN/Mac Virus/Anti-Malware Testing
ESET Senior Research Fellow
