I am not the me that others think I should be. Especially if you judge my identity by those who co-opt my name and personal details – or put my image with a different name – online.
I was first alerted to my non-uniqueness by an odd tweet I received on summer vacation overseas: “Would seem like someone is scamming using your photo? Are these you?” Curious, I clicked on the link. It took me to a Facebook profile that indeed looked like it should be mine, with profile photos of me in a tux at the GeekWire Gala and on a European train.
Except the name on the profile was “Philip Graham.” From a city I’ve never even visited in Michigan.
After exchanging more tweets, I discovered photos of me under the non-Frank name had also been posted on Flickr and emailed, apparently, to a family. “Basically a classic romance scam to steal money,” my correspondent concluded. Almost offhand, he added, “Found you as he sent me a photo of yourself that you put on ‘Four tech terms to forget in ‘14’ that you wrote for 1/5/2014.”
Slightly unsettled and thousands of miles away, I mentally filed this under “handled.” But it wasn’t, really. Any more so than trying to steer around a floating piece of ice ended the bother for the captain of the Titanic.
A few months later, a friend suggested I should check out the blog of Alec Couros, a Canadian who, like me, is involved in education technology. What I read in three blog posts spanning roughly a year creeped me out. Not Couros’ description of the state of edtech. This: “Scammers used photos of me to create a false identity.”
In his series of posts, Couros described emails he’d received from women who had been defrauded or heartbroken in catfishing scams thinking Couros (or his exact double) was romancing them. He detailed his attempts to shut down scammers reportedly using parts of his identity on Skype, Christian Mingle, eHarmony, Match.com, Plenty of Fish, European social network VK.com, and Facebook (an effort which, in October, strangely backfired before it was reversed). “At any given time,” he wrote, “There are at least three fake Alec Couros’ on Twitter or Facebook, and likely dozens if not hundreds of others that I do not know about.”
That unsettled feeling was back, immediately confirmed by a search on Twitter.
Now “Frank Catalano” is a fine name, and there are many legitimate eponymous Twitter handles. Frank Catalano (@CatalanoMusic), the Grammy-winning jazz saxophonist. Frank Catalano (@fcatalano), the Robotech voice actor and acting coach.
But not Frank Catalano (@FrankCatalano9), who used the same avatar, profile photo, bio and website as my real Twitter account. Yet was clearly closer to college age: “Finally done with my Stock Market Project for Econ,” non-me tweeted earlier this year.
More troubling were random observations about religion, increasing in frequency since the account first tweeted in May 2013. I also had no idea how many of faux-Frank’s few 56 followers thought he was me – or how many had engaged with him via direct message, thinking they were messaging me.
On October 12, I reported faux-Frank to Twitter support, leading to a request to scan and upload my driver’s license and passport. By October 20, faux- was former-Frank with the confirming email, “We’ve removed the reported account for a violation of Twitter Rules.”
“Philip Graham” on Facebook proved more challenging. Direct impersonation was one thing. Using my photos as that person’s only public profile photos – well, Facebook’s profile reporting for Identity and Privacy didn’t seem to have an option for that. If you select photo content as the problem with a profile, you’re prompted to message that person to take them down. Right.
But “Philip Graham,” too, is now gone, reported October 26, taken down October 29 after Facebook reviewed what it called my “pretending to be you” report. I still have no idea how many people the dubious doppelganger friended, or what else he posted behind Facebook’s Friend wall. Nor do I yet have the guts to do a reverse-image search on Google or TinEye to see how many more faux-Franks are out there.
It’s what happens after someone thinks the pretender is you that really matters, as Alec Couros told me when I reached out to (what I assumed was) him directly. Scammers “quickly move into a personal SMS or similar relationship with their victims,” he says. “Once they have directly connected to their victims, the fake profiles become fairly meaningless and are used mostly for finding new victims.”
Even getting fake identity pages taken down doesn’t seem to deter them. “When the sites go down after I’ve reported them,” Couros notes, “often scammers will say that they have done so purposefully for whatever reason they contrive.”
“I am convinced this problem is much more widespread than we realize,” Couros says. He thinks the embarrassment of the victims itself can get in the way of finding solutions. Not to mention, as I discovered, the cluelessness of those being misrepresented.
Yet the best defense, perhaps counterintuitively, is to take a stronger digital identity offense. Couros reasons that if a person has just a few photos online, scammers can fill in gaps and weave those photos together into a false story: “Not having a distinct presence online makes it more difficult to find the real person associated with those photos.” If you post a lot of images online on sites obviously tied to, or controlled by, you, it’s easier for others to connect the pixels. That was how my vacation tweeter discovered me, via an image posted on another site.
What also might help? Viewers of social media, dating sites (and other online services that encourage individual profiles) need to develop the web literacy to sniff out whether claims are valid or suspect. In other words, they need to vigorously develop and apply a good, old-fashioned bullshit detector.