All products featured on WIRED are independently selected by our editors. However, we may receive compensation from retailers and/or from purchases of products through these links.
Updated 6:50 p.m. EDT with statement from Elke Wong, the chief operating officer of Madison Logic:
What do the following people have in common?
Jill Dawnsoll, Kerry Ohnes, Dakota Baylie, Ellanah Cailn, Heidi Illems, Mirinda Latel and Paige Decanso.
For one thing, they don't appear to be real people at all -- although their Twitter accounts are designed to look like they are. Not one of the individuals listed above was found on a routine, nationwide white-pages search. Not one of them was found in a search on Facebook, the world's largest social network, with more than 600 million members. Google searches for the names produced few results, all of which appear to originate from the Twitter accounts themselves. (See "Heidi Illems" for example.)
Instead, these appear to be phony Twitter accounts, set up as part of a spam marketing campaign with the object of harvesting e-mail addresses and other personal information. This Twitter scam is an example of the lengths to which marketers will go in order to harvest valuable e-mail addresses, which can then be resold in bulk and used for mass mailings and other annoying commercial solicitations -- or worse.
As Twitter grows like wildfire, spam is becoming an increasing problem for the service, and spam purveyors are using fake or disguised accounts, as well as increasingly sophisticated computer programs called "bots," to try to evade Twitter's terms of service. For example, whenever a hot new tech product like the iPad 2 is released, spammers track mentions of the product and follow or retweet the accounts.
Amy Vernon, a well-known social media expert who is VP of strategy at social media consultancy Hasai, told Wired.com that "it is exceedingly obvious that these are dummy accounts."
"If this is an actual marketing effort on Twitter, it's pretty bad," Vernon said. "A lot of people throw around terms like 'transparency' and 'authenticity,' so they sound trite, but they're important on social media."
"It's much better to create one account, and build up a relationship on Twitter, or any other social media site or platform," Vernon added. "But create a bunch of spam accounts with made-up people behind them? No one's going to pay attention, and you'll be lucky if they aren't all deleted as spam within days."
Each of the accounts depicts a young woman, and several of them have vaguely impressive sounding titles like "Ecommerce analyst and consultant," "Marketing and Business Intelligence Consultant," "Web Designer Specializing in Online Advertising," "Business and Marketing Intelligence Specialist," and "Interactvie [sic] Web Designer and Programmer." ("Kerry Ohnes" may want to double-check the spelling of "interactive.")
Each of the accounts appears to be peddling about a dozen so-called "white papers," with vaguely-impressive sounding titles like "The Complete 120-Page Guide To Social Media Marketing and Business Intelligence," and "Market Research and Social Media in the 21st Century."
The accounts appear to be controlled by some sort of bot, which is automatically tweeting, in some cases, at 20 minute intervals. It's important to remember that not all bots are bad -- they're merely an automation tool, and there are are plenty of useful applications, like RSS feeds, the Techmeme "fire hose," and various deal and coupon bots.
A spam-bot is designed to flood the stream with the same or similar content, possibly over many, many accounts, in an effort to deluge the system. The fact that the accounts are fake only makes matters worse. In this case, the various phony accounts appear to be pumping hundreds, if not thousands of links, automatically, to the same site every day.
Clicking through to the "white papers" takes the unwitting mark to the web page of an outfit called CIOWhitePapers (A Resource Library For Business Professionals.) The user is then asked to enter an e-mail address in order to "Signup To Download This Free Report Now." After providing an address, the mark receives an e-mail back asking to confirm.
The mark hits the Confirm link, and that's it. Their e-mail has been harvested. (Wired.com went through the process using a test e-mail address set up specifically for this purpose.)
The CIOWhitePapers site prominently displays a link advertising a publication absurdly -- but tantalizingly -- called, "The Executive Guide to Understanding Business Requirements." Clicking on that link takes the user to this page, on the website of a company called Madison Logic, which asks for detailed personal information in order to access the report, including name, physical and e-mail addresses, phone number and employer.
On its website, Madison Logic describes itself as "the only ad-serving company built specifically for online lead generation to respond to the evolution of performance marketing."
To be clear, CIOWhitePapers and Madison Logic are separate entities. The dummy Twitter accounts linked to the former, on whose site the latter was advertising. Madison Logic was founded in 2009, according to MediaPost, by marketing executive Eric Matlick. A voice message left at the New York headquarters of Madison Logic was not immediately returned.
Unlike Madison Logic, which is a known company run by known industry figures, CIOWhitePapers has almost no paper-trail.
A whois search for the owner of the domain www.ciowhitepapers.com shows that it is privacy-protected, but the confirmation documentation lists the address of a ranch-style house in Pomona, California, a suburb of Los Angeles (pictured below, from Google Maps street view). The occupants of the house were not immediately reachable, and an e-mail sent to an address listed on the confirmation was not returned. (Wired.com is withholding the full names associated with the address until they can be contacted. But suffice it to say that the individual who appears to be behind CIOWhitePapers seems to be using his parent's home address. Not cool, man: E-mail us!)
It's not at all difficult to set up a scheme like this, and while the images used on the phony accounts seem to depict real people, it's likely that the actual individuals are unaware that their images are being used for this scam. It's very easy to snag images from the web, and stock images can be cheaply obtained. (Yet another reason to think twice before plastering pictures of yourself all over the web.)
In its terms of service, Twitter seeks to indemnify itself from liability over such scams by saying that it does not "endorse, support, represent or guarantee the completeness, truthfulness, accuracy, or reliability of any content or communications posted," and warns that "you may be exposed to content that might be offensive, harmful, inaccurate or otherwise inappropriate, or in some cases, postings that have been mislabeled or are otherwise deceptive."
However, the offical Twitter Rules contain a lengthy discussion of "Spam and Abuse," including the following:
Twitter takes a number of factors into account to determine if content is "spam," including: "If your updates consist mainly of links, and not personal updates; If you post misleading links;" and, "If you post duplicate content over multiple accounts or multiple duplicate updates on one account."
A Twitter spokesperson said the company does not comment on the spam-identification process, and added that "for hopefully obvious privacy reasons, we don't report on the origins of individual accounts."
The spokesperson said Twitter relies on users to help police the site: "Block the accounts and report them as spam."
See Also:
