This woman appears to be under 30, but claims to have been in the corporate grind since 1996. In addition, her photo, and her similar connections, are all using stock photos as their profile pictures. Image courtesy of the author.

Screen Shot 2016-01-11 at 3.52.39 PM

Over the past year, SOFREP has drawn the attention of an increasing number of incidents involving falsified social media and email accounts targeting the writers. Albeit this is not an organic issues, as the use of subversive profiles for intelligence gathering and disinformation purposes is an ever-growing trend.

If you connect with a fake account, you risk exposing sensitive personal details. Foreign and illicit organizations are actively seeking out your sensitive details and want to map your network, collect pictures, phone numbers, email addresses, and information about where you live, work and play. Currently Chinese and Russian spies are said to be the primary users of this methodology. Although additional governments and criminals have adapted this approach for their own nefarious means.

Recently SOFREPs’ own, Jack Murphy, was the target of Russian intelligence services via deceptive email practices. The agent who was operating behind a masked internet protocol address, while attempting to establish the personality of an attractive woman – attempted to bait Jack with some well-packaged information. The info turned out to be nothing more than slanted pro-Russian propaganda, and the plot was uncovered before any real-time was dedicated to the attempted deception. 

Chinese spies performed a high-level example in 2013. The spies executed a modest yet devious plan, simply by creating a counterfeit Facebook profile in NATO’s, Supreme Allied Commander James Stavridis’ name. On name recognition alone, they were able to connection with senior NATO member-nation military officers and defense staff and their families.

Lighter attempts take place on a daily basis, and these can identified by the simple discrepancies in the requesting person’s profile. For instance, their profile is relatively new. The requester may have very few or mismatched connections – which is often the result of a bulk requesting campaign on their behalf to establish legitimacy. If there is any use of stock photos, as an attempt to pass as a real person – that is a red flag. You should also spot-check the information they provide for any inconsistencies or relevance, as to why they should be your connection. This is the internet after all; you have no idea who is really on the other side of your screen. 

Screen Shot 2016-01-11 at 3.52.51 PM
A recent deceptive request, note the stock photos. The profile pictured was deleted prior to the publication of this article. Image courtesy of the author.

You should not be surprised if a connection, is a recent connection of the requesting person, or even if they have received their endorsements, simply watch, and wait. If it seems fake; it probably is. In fact, if you are not sure, let their request sit in limbo, as many false profiles disappear in a relatively short amount of time. This will also provide you with the opportunity to monitor them, and make your determination based off their actions.

If you are currently connected with some questionable people, consider who may be watching while you communicate. Are these random people, identified only through shared content, a few typed post, and random photos who they claim to be? Is that really your old college friend who is asking overly specific questions about what you are up to and where you work, or are you in collusion with a foreign agent?

In the end, if you encounter anyone operating under false pretenses, you should simply observe and report. Make good use of the report functions within your social media network – your report may derail the profile they are currently using, and hinder their operations, if only for a little bit. If you see something on their profile that suggests the worse, or they send you a seditious message, capture a screenshot and report it to the appropriate authorities.

Be skeptical of the connections you make while engaging on social media, or via email. If you have never met the person in question before, you are under no obligation to converse with them simply because they sent you a request. Use your best judgement and remember that it will not hurt to spend a little time, do some research and vet someone that you do not really know. That simple time investment may make the difference between letting the enemy know what type of cat photos you like, where you live, and who you know – or it will keep them in the dark, and at a distance.