Tag Archives: identity

What Kind of (Digital) Citizen?

Posted on by

This post was co-written with Katia Hildebrandt and also appears on her blog.

This week (June 5-11) we’ll be hosting a couple of events and activities related to digital citizenship as part of a series of DigCiz conversations. Specifically, we’d like to deepen the discussion around digital citizenship by asking how we might move from a model of personal responsibility (staying safe online) to one that takes up issues of equity, justice, and other uncomfortable concepts. That is, we want to think about what it might look like to think about digital citizenship in a way that more closely resembles the way we often think about citizenship in face-to-face contexts, where the idea of being a citizen extends beyond our rights and also includes our responsibility to be active and contributing members of our communities. Of course, that’s not to say that face-to-face citizenship is by default more active, but we would argue that we tend to place more emphasis on active citizenship in those settings than we do when we discuss it in its digital iteration.

So…in order to kick things off this week, we wrote this short post to provide a bit more background on the area we’ll be tackling.

Digital Citizenship 1.0: Cybersafety

The idea of digital citizenship is clearly influenced by the idea of “Cybersafety,” which was the predominant framework for thinking about online behaviours and interactions for many years (and still is in many places). This model is focused heavily on what not to do, and it relies on scare-tactics that are designed to instill a fear of online dangers in young people. This video, titled “Everyone knows Sarah,” is a good example of a cybersafety approach to online interactions:

The cybersafety approach is problematic for a number of reasons. We won’t go into them in depth here, but they basically boil down to the fact that students aren’t likely to see PSAs like this one and then decide to go off the grid; the digital world is inseparable from face-to-face contexts, especially for today’s young people who were born into this hyper-connected era. So this is where digital citizenship comes in: instead of scaring kids offline or telling them what not to do, we should support them in doing good, productive, and meaningful things online.

From Cybersafety to Digital Citizenship

Luckily, in many spheres, we have seen a shift away from cybersafety (and towards digital citizenship) in the last several years, and this shift has slowly found its way into education. In 2015, we were hired by our province’s Ministry of Education to create a planning document to help schools and districts with the integration of the digital citizenship curriculum. The resulting guide, Digital Citizenship Education in Saskatchewan Schools, can be found here. In the guide, we noted:

“Digital citizenship asks us to consider how we act as members of a network of people that includes both our next-door neighbours and individuals on the other side of the planet and requires an awareness of the ways in which technology mediates our participation in this network. It may be defined as ‘the norms of appropriate and responsible online behaviour’ or as ‘the quality of habits, actions, and consumption patterns that impact the ecology of digital content and communities.’”

In the Digital Citizenship Guide, we also underlined the importance of moving from a fear- and avoidance-based model to one that emphasizes the actions that a responsible digital citizen should take. For instance, we suggested that schools move away from “acceptable use” policies (which take up the cybersafety model) and work to adopt “responsible use” policies:

Moving Beyond Personal Responsibility

While the move from cybersafety to digital citizenship has helped us to shift the focus away from what not to do online, there is still a tendency to focus digital citizenship instruction on individual habits and behaviours. Students are taught to use secure passwords, to find a healthy balance between screen time and offline time, to safeguard their digital identity. And while all of these skills are important pieces of being a good digital citizen, they revolve around protecting oneself, not helping others or contributing to the wider community.

So we’d like to offer a different model for approaching the idea of citizenship, one that moves beyond the individual. To do this, we have found it helpful to think about citizenship using Joel Westheimer’s framework. Westheimer distinguishes between three kinds of citizens: the personally responsible citizen, the participatory citizen, and the justice oriented citizen. The table below helps to define each type.

Table taken from Westheimer’s 2004 article, linked above.

Using this model, we would argue that much of the existing dialogue around digital citizenship is still heavily focused on the personally responsibility model. Again, this is an important facet of citizenship – we need to be personally responsible citizens as a basis for the other types. But this model does not go far enough. Just as we would argue that we need participatory and justice-oriented citizens in face-to-face contexts, we need these citizens in online spaces as well.

So here’s our challenge this week: Is there a need to move beyond personal responsibility models of digital citizenship? And if so, how can we reframe the conversation around digital citizenship to aim towards the latter two kinds of citizen? How might we rethink digital citizenship in order to encourage more active (digital) citizenship and to begin deconstructing the justice and equity issues that continue to negatively affect those in online spaces, particularly those who are already marginalized in face-to-face contexts? And what are the implications of undertaking this shift when it comes to our individual personal and professional contexts, especially when it comes to modelling online behaviours and building (digital) identities/communities with our students?

These are big questions, and we certainly don’t have the answers yet – so we’d love to hear from you! Please consider commenting/responding in your own post, or come join us as we unpack these complex topics during the events listed below.

This week’s events:

  • On Tuesday, June 6 at 3 pm EDT, we will be hosting a webinar to discuss this week’s topic. If you are interested in being a panelist, please email us at alecandkatia@gmail.com – we’d love to have you join us! The Webinar will take place via Zoom.Us – to join as an attendee, just click this link.
  • On Wednesday, June 7 at 8 pm EDT, we will be moderating a Twitter chat with a number of questions related to this week’s topic. To join, please connect with us on Twitter (@courosa and @kbhildebrandt) and follow the #DigCiz hashtag.

Are you being catfished?

Posted on by

This post was written jointly with Katia Hildebrandt and also appears on her blog.

Catfishing schemes, or romance scams, continue to plague social networking services. In fact, the issue has become so common that there’s a good chance that one of your recent “friend” requests actually came from a scammer versus someone who is actually interesting in pursuing a genuine friendship. Unfortunately, social networks on the whole seem content to turn a blind eye on the problem, despite the fact that people lose thousands of dollars to these types of scams every day. So, due to this alarming issue and utter lack of response from social networking sites, we’ve compiled a few tips, techniques and questions to ask yourself when evaluating an online profile. We hope that this information might prove be useful for both personal use and as an instructional tool.

Step 1: Assess the authenticity of the profile picture

This is really the easiest place to start. Drop the picture into Google’s reverse image search to see where else the image appears. TinEye, a dedicated reverse-image search engine, is also a great tool that can be used for to perform this search. If the picture is associated with many different names or profiles, it’s likely that you’re dealing with a scam account.

Step 2: Critique the bio

Catfishing accounts often use similar biographical components. Some red flags include:

  • A relationship status of “widowed” or “divorced” (obviously not all widowed or divorced people are catfishers, but this status in combination with other red flags might be an indication of a fake account)
  • A job that is of exceptional status and that may require a great deal of travel and/or periods without communication (e.g., military, engineer, oil worker, self-employed, shipping), making it easy for the scammer to make excuses for being absent, unavailable, or out of the country.
  • An “about” section that includes clichéd, romantic statements such as “looking for love” or statements that may stereotypically reinforce one’s integrity (as in this scammer profile below; also note that he describes himself as “God-fearing” and that there are obvious spelling mistakes in the name of the supposed alma mater – which we discuss more later):

1

Step 3: Investigate the profile name

The name on the account can also be a clue about the legitimacy of the account:

  • Many catfishers seem to pull from a list of popular names. If you search for the profile name on Facebook and lots of other profiles with the same name and similar occupations pop up, you may want to look more closely. At the time of writing, numerous “Nelson Colbert” profiles appear on Facebook and all seem to be fake profiles made up similar components discussed so far (e.g., stolen profile photo, suspect occupation, etc.).

2

  • Check to make sure that the name on the profile matches the name in the URL. Otherwise, it might be a sign that the scammer has had to change their profile name when a victim found them out.

3Google the profile name. Most people have at least some sort of digital footprint these days. Can you find the person? Does what you find match up with what they are telling you?

Step 4: Investigate the profile page

Some other elements of the profile to watch out for include:

  • Number of friends: Does the person have few friends? Do their friends interact authentically with them on their page, or do you only see the same people commenting/liking over and over again?
  • Types of friends: Often, if you are able to see the scammer’s friend list, it will consist overwhelmingly of people of the opposite gender (the target victims), as in this screenshot of a male scammer’s friend list:

4

  • Age of the profile: Is the profile brand new, or is there a history of photo uploads, status updates, posts from others, etc? Also, note that profile posts can be backdated and locations can be faked (as seen in the image below) to make a profile seem like it has a longer history than it actually does. However, the year that the (Facebook) profile was created can’t be faked.

5

  • Photos: Does the profile have only a few photos, or are there a variety of photos, including photos with others (watch out for pictures with children, as this can be part of the scam)? Do the photos look photoshopped (see “ghost dog” example below)?

    6
  • Mutual friends: Do you have any mutual friends? Note that having a small number of mutual friends isn’t necessarily a sign of legitimacy: scammers will sometimes friend a victim’s friends to make themselves seem more legit. If you have only a small number of mutual friends, it’s a good idea to contact those friends to see if they actually know the person. In many cases, your friend may have accepted the fake profile, due to less discerning personal protocols regarding “friending” or simply in error.
  • Language/grammar: Many scammers do not speak English as a first language. If you notice many spelling or grammar mistakes even though the person claims to be from an English-speaking country, proceed with caution.
  • Religious affiliation: Scammers will also often pose as devoutly religious individuals and sometimes use scripture or religious language to appear more trustworthy or to manipulate their victims through shared belief-systems. In fact, religion-specific dating sites such as Christian Mingle, JDate, or Shaadi are often used by scammers.

Step 5: Watch for tell-tale behaviours

Scammers often follow predictable patterns of behaviour, and there are some common red flags:

  • Use of a private messaging platform: A scammer will often quickly try to move the interactions over to email, SMS, or a different instant messaging platform. This is done so that if the original profile is identified as a fake account and removed by the social network, the scammer will not lose direct contact with their potential victim.
  • Rushing towards commitment: Scammers will try to move online relationships forward very quickly. It’s not uncommon for a catfisher to bring up marriage or to profess their love after only a few days or interactions; this helps to build a great sense of attachment and obligation, making victims more likely to agree to help the scammer later on.
  • Refusal to use video communication: Catfishers will often refuse to use anything but text or voice-based communication and will give excuses about poor connections to avoid having to Skype.
  • Out-of-sync, glitchy, or looped video: If a scammer does agree to video chat, their stream will generally be of very poor quality. This is because the scammer is usually using stolen footage that they found on Youtube or elsewhere online in order to fake a live conversation. In such cases, if audio is also present, it will appear to be out of sync with the video. Scammers may also cut video conversations short and complain of connectivity issues.
  • Repeated excuses to avoid meeting face to face: Catfishers will often make plans to meet up with their victims, but these plans will always fall through at the last minute for one reason or another.
  • Requests for compromising photos/videos: Often, scammers will request nude images or ask victims to participate in video chats of a sexual nature. These images or videos can then later be used to blackmail the victim, for instance, by threatening to send the files to the victim’s entire contact list or employer.
  • Emergencies: Once the catfisher has hooked their victim, they will likely be involved in some type of “emergency” situation. This might be an illness, loss of job, or the need to leave a location suddenly. In many cases, the scammer’s “children” may be involved.
  • Requests for money: This is obviously the top indication that you are dealing with a scammer. The request can take a variety of forms; two common techniques include advanced-fee fraud and requests for a money transfer through a company like Moneygram or Western Union (to make the money difficult to trace). Often, the victim will be told to send the money to someone other than the scammer (since the scammer is using a fake name).

Step 6: Ask for confirmation of identification

If you still aren’t completely sure whether or not you are dealing with a scammer, you can always ask for some form of confirmation.

  • Passport: Often scammers will provide a photoshopped passport as proof of identity (as in the image below). If the passport seems questionable, you can find images of real passports from various countries and compare them. You can also check out the passport photo guidelines for various countries (for instance, here are the US guidelines), which can help you determine if the photo meets the size/shape requirements.

7

  • Real-time photo or video: To verify identity, you can ask the individual to provide a real-time photo (with a newspaper with that day’s date, or holding up a certain number of fingers) or to perform certain actions while on video (raise one hand, clap hands, etc.). As well, if the scammer does provide a photo, be sure to check for signs of photoshopping, like in this picture below where the head has been (poorly) photoshopped onto the body and thus seems inordinately large.

8

  • At this point, we also can’t stress enough the need to use your common sense. If a profile just seems too good to be true, it unfortunately probably is (just like you don’t really have a secret relative who is the king of an African country and wants to share his wealth with you).

Step 7: Block, report, and warn others

Once you have determined that you are communicating with a scammer profile, there are a few steps you should take:

  • Report: Most social networking or dating sites have some sort of reporting tool. Often, reporting a profile will lead to it being taken down, preventing future scams on that account. As well, many victims report fake profiles to sites like Romance Scam or to Facebook groups set up to share information on scammers.
  • Block: Once you have reported the profile, you should unfriend and block the user. You may believe that the damage is already done, but if you do not unfriend and block the scammer, they will still have access to your photos, account info, and friends list. As well, people may see that you are friends with the scammer and take this as a sign that they can safely friend the account themselves.
  • Warn others: Another good step is to warn others in your circle of friends, especially if you notice that the scammer is attempting to connect with other members of your contact list.
  • Be vocal: Although there have been many attempts to improve policies at social networking services (we’re looking at you, Facebook), ultimately it will likely take a critical mass of complaints, media coverage, and awareness in order to achieve real change. So make you voice heard!

Other things to look out for:

  • Scammer “families”: In some cases, scammers will create an elaborate network of friends and family in order to bring legitimacy to the scammer profile. For instance, the fake Alex Gallart’s circle of contacts included his mother, friend, and daughter (of these, only the mother’s profile, Maria Gallart, is still up). In this case, scammers were actually using real photos of Alec’s family members to build the fake family.
  • Twinned accounts: One technique we’ve seen more of recently is when scammers create accounts that are essentially doubles of existing accounts. For instance, see these two photos:

9

Scammers will use these profiles to connect with the real person’s friends and family, who simply think they are (re)connecting with the victim. Then, the scammer can use a variation on the “grandparent scam”in order to ask friends and family to send money to deal with an emergency.

Facebook Is Still Broken …

Posted on by

I received this email a few minutes ago (and a few hours after I noticed that my Facebook account was down).

Katia_Hildebrandt_says___

For the fourth time, Facebook has disabled my account because the company doesn’t believe I am who I say I am.

Yes, apparently I’m the one with the fake account.

Not “Obrien Gary Neil” or “Michael Walter” or “Nelson Colbert” or “Trofimov Sergei” or “Anne Landman” or “Dounas Mounir” or “Kyle W. Norman” or one of the hundreds of other fake accounts that I have reported to Facebook for using my images to scam vulnerable women across the globe. No. Once again, Facebook has decided to disable my account for using a fake name.

Despite the fact that I’ve already had to submit my government-issued ID to Facebook in each previous case.

Despite the fact that my account is nearly a decade old and linked to 2000+ Facebook friends.

Despite the fact that I’ve had countless media interviews about the problem.

If it can happen to me, it could certainly happen to you.

I’m starting to feel like a broken record, but I really need your help. Please share so that we can get Facebook’s attention. The reporting system is badly flawed, and as I’ve written previously, Facebook really needs to get it fixed.

Facebook Is About To Make Catfishing Problems Even Worse

Posted on by

Scam Computer Keys Showing Swindles And Fraud

Over the past week, I’ve had a number of people share articles with me related to Facebook’s testing of a new feature that is purported to alert Facebook users when it finds that someone is impersonating your account. Once the user is alerted, that user is then able to report the fraudulent account and pray that Facebook will take it down. However, given my 8 years of experience with this problem, I feel that I am qualified to say that this approach will simply not work for a number of reasons.

  1. Facebook often fails to take down fraudulent profiles: While I have successfully had Facebook take down hundreds of fake profiles (I find several new ones each day), there are certain profiles that it simply does not take down. For instance, I’ve been trying to get Facebook to take down the account of “Trofimov Sergei” (a user who is clearly using a profile photo of me and my son) for over a year now. Yet, no matter how many times I report the account, the profile remains. More disturbing is the fact that if you search for “Trofimov Sergei” on Facebook, you will see dozens of fake accounts by the same name using stolen photos of other men. Most of the deception is done in private communication with the (potential) victims, but every once in a while, you will find a public post where the fraudsters are asking for money for a feigned illness. Luckily, there are many people (often former victims) who do uncover and share their knowledge of these fraudulent accounts in order to contain some of the damage.
  2. Scammers may use photos of your children as their profile photo: After hundreds of reports, Facebook still refuses to take down the account of “Nelson Colbert,” a scammer who is using photos of my children as a profile photo. When you report an impersonation in Facebook’s current reporting tool, you ultimately have to choose one of the following: A) “This timeline is pretending to be me or someone that I know”, or B) “This timeline is using a fake name.” I have been completely unsuccessful when using Option B, and I have had only limited success with Option A: when you choose this option, you are asked to identify the user who is being impersonated, but when I identify myself, Facebook quickly rejects the report as it is clear that I am not the person in the profile photo. I have attempted to use Facebook’s “Report An Underage Child” tool (which is only available in Canada after you logout, apparently), but this has also been completely unsuccessful. The most unnerving part of this particular profile is that I receive more reports about it from victims than I do about any other. In fact, there are literally dozens of pages of search results that relate to “Nelson Colbert” and this scammer’s involvement in fraudulent activities. Yet, it appears that Facebook has made this account untouchable. I suspect that the scammer behind it may have created falsified documentation to get the account validated internally.
  3. Scammers may use your elderly mother’s photo as their profile picture: These criminals often create sophisticated networks of friends and family in their schemes. For instance, the scammers created a fake profile using my mother’s photos and named her Maria Gallart. I cannot report this profile directly to Facebook; instead I am only able to report it to my mother to deal with it. I did so, and as you would imagine, the distress, anxiety, and uncertainty that this caused my nearly 80-year-old mother was not something that she needed nor something that she necessarily knew how to deal with. And even with my assistance, reporting the fraudulent account from my mother’s account (many times) has not led to the account being taken down.
  4. Facebook doesn’t always believe the “real” person in cases of identity fraud: Facebook has taken down my account twice because a scammer reported me as being the fake Alec Couros. In both cases, I had to submit my passport to Facebook via email for verification (which is incredibly problematic for security reasons). I am unsure of why I had to do this twice, and I am puzzled as to why my account wasn’t verified either time (even though I have applied for verified status). Facebook’s proposed system will have to rely on verifying an account using a secure, consistent, and foolproof system if it is to be successful. To date, the company has failed miserably in this respect.
  5. Facebook’s proposed system could give an advantage to the criminals: Fraudsters have often used photos of me that I have never previously used on Facebook. Based on the incomplete details provided so far about this new alert system, one might assume that if I were to use any of my personal photos after a scammer had done so, I would be the one flagged as an impersonator. Thus, the criminal might easily be regarded as having the authentic profile, which sounds like really bad news.

The Mashable article shared at the beginning of this post states that Facebook is rolling out these features as the company attempts to push its presence into regions of the world where “[impersonation] may have certain cultural or social ramifications” and “as part of ongoing efforts to make women around the world feel more safe using Facebook.” If that is the goal, Facebook’s proposed technology won’t help, and it may very well make things worse for women (or anyone) using the site. Already, Facebook is plagued with identity thieves who adversely affect the safety, comfort, and freedom of many of its users, and the problem will only continue to grow with these types of half-baked efforts. You may not be affected now, but unless Facebook does something to fully address this issue, you almost certainly will be.

The Future of Identity Theft

Posted on by

I’ve written and spoken extensively about my problems with romance scammers, criminals who have used my photos (and the photos of many others) to create fake profiles and trick victims into sending them significant amounts of money. In my research, I’ve learned that many potential victims ask for a video chat with scammers as a way for them to prove their identities. In fact, participating in a video chat and then asking supposed suitors to perform particular actions on request (e.g., hold up two fingers on your left hand) is often touted on anti-scammer sites as a way to ensure that the person that you are talking to is in fact who they say they are and not a scammer who may be using recorded video as their video source (a common and frightening possibility).

Well, verifying identity online has just become even more complex. As you have already likely discovered, there are a number of freely available apps (e.g., Snapchat, FaceSwap Live, MSQRD) that allow for live face-swapping. In fact, MSQRD was recently purchased by Facebook, and there have been suggestions that face-swapping could become more directly integrated into the social network. If you have used one of these apps, you’ll likely agree that face-swapping can be a lot of fun, but these are fairly touchy/glitchy apps and their use could be easily detected. However, this may not be the case for long.

Researchers from Stanford University recently released a project that works to “animate the facial expressions of the target video by a source actor and re-renders the manipulated output video in a photo-realistic fashion.” The results are incredible, but the implications for identity theft are incredibly frightening, in effect allowing scammers to become puppet masters who manipulate the faces and bodies of their fake profile avatars. Takes the idea of “authentic identity” to a whole new level, doesn’t it?

r/NextSpace (Reddit)

Posted on by

For a number of years, I’ve enjoyed using Reddit as a source for my daily reading. Reddit, often known as “the front page of the Internet,” is often where one can find stories and trends before they go viral in the mainstream. As well, because of the networking and conversational properties of the spaces, I’ve often mused about the potential of Reddit as a space where educational conversations might be hosted and shared. There are several education-related subreddits (specifically-themed topics or communities) such as r/education and r/edtech, but these spaces tend to be a bit stagnant.

Just recently, my friend @j0hnburns (and colleagues) took on the idea of developing a new subreddit at r/NextSpace with the goal of creating a space where deeper conversations around edtech related topics could be hosted and shared. He’s written about the launch and has included the overall rationale, how to get to started with Reddit, and how to contribute to r/NextSpace.

To help with this launch, I’ve agreed to do an AMA (Ask Me Anything) starting on Monday March 14th, 8pm EST (or see your time conversion here). To participate, check out this AMA thread, ask questions (you can post them early if you like), upvote or downvote the questions or comments of others, and I will do my best to respond to whatever gets asked. I know I’m nowhere near as big of a draw as those who have led some of the most popular AMAs, but hey, I’d like to help in any way to get this started. Plus, I think I have a lot to share regarding my thoughts on edtech, digital citizenship, digital identity, or other related topics. And of course, an AMA is about what you contribute as well!

So I hope that you will give Reddit and r/NextSpace a try, and hopefully I’ll hear from you at the AMA next week!

Catfishing Tricks Become More Complex

Posted on by

Yesterday, I received the following Facebook message:

Message from "Bola Shagaya"

I posted this to my Facebook wall when I received it, and it was interesting to hear from several people who felt they might have been fooled had they received the same message. After nearly a decade of becoming familiar with the tricks of these scammers, I question just about every angle. While this was the first time that I have received a message like this, the motive for the message seemed obvious to me. A photo of me that verifies the date would make it possible for a scammer to “prove” they were really me (rather than just using old photos). As well, if I had Googled the name of the sender (like my colleague Katia did), I might have wondered how this famous Nigerian business woman had the time to message me personally (and perhaps even why she cared about a mere 150K).

Today, I was contacted by another person on Facebook who had heard from her friends that a profile with her name, photos, and identifying information was trying to friend many of them. Several reported this to be suspicious so she immediately warned her friends with a status update. I asked her where the fake profile was and she found it for me. What we noticed was really sneaky (and horrible).

See below, the real person’s profile:

Joy_Brennan

Now, look at the fake profile:

Joy_Brenan

Do you see the important difference? The profile and header photos are the same in each. The friend count is certainly different. But the big thing is the spelling of the name. The authentic profile is “Joy Brennan” (two ‘n’s) and the fake profile photo is “Joy Brenan” (one ‘n’). The especially sneaky part is that if you were to try and search for fake Facebook profiles with your photos and name, this would make these much more difficult to find.

So why would the scammers do something like this? My guess is that they were hoping to perform a scam such as the common “email hijack,” where members of an existing friends/family network could eventually be tricked into sending money due to a contrived distress call (e.g., I was robbed while traveling, please wire me money).

So there you have it - a couple more scams to be concerned about. Oh, and Facebook still isn’t doing anything about these problems.

Continued Catfishing Woes

Posted on by

Landing in Regina tonight, I checked my phone to find the following tweets directed at me.

Screen Shot 2016-03-03 at 12.44.16 AM

Screen Shot 2016-03-03 at 12.44.45 AM

Screen Shot 2016-03-03 at 12.45.14 AM

Screen Shot 2016-03-03 at 12.45.38 AM

Screen Shot 2016-03-03 at 12.46.03 AM

From what I was able to understand, it appears that this tweeter has been chatting with a person by the name of James Vardy who is using my photos (as seen in the screenshots). However, she believes that I’m the guy she is actually talking to and that I’m “sick” and a “pervert.” A quick search in Facebook brought up this fake profile that I have now reported. Below is a screenshot in case it actually gets taken down by Facebook (which is rarely ever the case).

James Vardy Fake FB Profile

James Vardy Fake FB Profile

It was difficult to make out exactly what happened between this tweeter and the scammer. It sounds like the scammer didn’t want to use video during chat, but this tweeter did and it broke his “rules.” The scammers obviously would much rather communicate via audio or text because video can give up their identity (unless they are exploiting the videos of those they impersonate such as in the manner that I describe in this clip). Even so, this fake video approach only works in small doses and scammers only use it to strengthen their deception and then continue on via text and voice.

You’ll also notice that the tweeter opens up with accusations that I was showing her my “privates.” Sigh. I’m not sure if this tweeter actually saw someone’s privates on her screen, but I know that this sort of explicit interaction is commonly sought out by scammers to provoke their victims to share the same. Once the scammers have captured explicit photos of their victims, the scammers can then blackmail victims for money or in rare cases, the victims can become scammers themselves.

After reading these tweets, I quickly alerted the tweeter that she was speaking to a scammer. I also sent her this resource that I prepared to help victims understand their situation. She didn’t seem to believe me.

Screen Shot 2016-03-03 at 12.46.49 AM

Screen Shot 2016-03-03 at 12.47.16 AM

Screen Shot 2016-03-03 at 12.47.33 AM

Fun, hey? I didn’t bother replying after that. While her tweets are public, my replies only bring publicity to the situation and I assume that most people who read my tweets don’t actually know about my long-term catfishing predicament.

It’s honestly exhausting dealing with this. And, I’m not the only one who is having to do so. Check out Alan’s latest post on his efforts in trying to get Facebook to take down a scammer account that is using his photos. This overall situation is only going to get worse, and social networking services continue to look the other way.

And hey, just wait until face swap technology gets a bit better … then we’re pretty much all doomed.

Romance Scams Continue And I Really Need Your Help

Posted on by

If you follow me closely, you know that I’ve been discussing romance scams (also known as “catfishing”) for several years now. In short, a romance scam is where criminals will harvest photos from social media and dating site profiles and then use these photos to set up fake profiles on these same sites to enter into online relationships with individuals for the purpose of defrauding victims out of money. A more technical definition of the term romance scam is provided below.

A romance scam is a confidence trick involving feigned romantic intentions towards a victim, gaining their affection, and then using that goodwill to commit fraud. Fraudulent acts may involve access to the victims’ money, bank accounts,credit cards, passports, e-mail accounts, or national identification numbers or by getting the victims to commit financial fraud on their behalf. (Wikipedia)

For at least eight years, scammers have been using my photos, and the photos of my family, to commit these crimes. I hear from new victims on a daily basis as they frequently find the “real” me through my previous writings on the topic. Unfortunately, many victims find out too late, often after they have already sent significant amounts of money to these scammers and/or have developed a significant emotional attachment. These are deeply complex crimes that rely on a victim’s capacity for love, trust, and good will for the execution of fraud.

Today, I read a victim’s report on a Facebook group that is dedicated to raising awareness of these scammers. The post is worth the read in itself as it highlights some of the tactics used in these cases. Relevant in this case is that the victim pointed to several social media profiles that were created with my photos and the photos of my family. I’ve included screenshots of these fake profiles below with some added context.

First, there is the fake profile using my photos and the name Alex Gallart. The use of a similar first name is notable as past victims have told me that once they found my real identity they would approach the scammers with evidence of me actually being “Alec Couros”. In turn, the scammers would simply say that they use slightly different names or surnames for whatever purpose (e.g., mother’s name, professional name, etc.). In many cases, this additional lie seems to be taken up as plausible.

AlecGallart

Then there’s photos of my real brother George whose fake name is John Williams in this case. Scammers will set up networks of fake profiles and communicate to victims from each of these to validate the key profile’s identity.

JohnWilliam

Then, why not throw in photos of my real daughter as well? In this case, the scammers use the fake name of Clara Gallant to set up yet another profile. Alec Gallart seems to be more authentic with each additional connection.

ClaraGallart

Wait. Not real enough for you? How about we add photos of my real mother in yet another fake profile. As we know, grandmas will never lie to you.

MariaGallart

But I guess that wasn’t enough. A family’s set of fake profiles is pretty convincing, but the scammers felt that they needed to go the extra mile to make Alec Gallart even more convincing. The scamers thought it would be great to exploit my father’s death (he passed away in 2013) by including this photo of my children at his burial mound.

_1__Maria_Gallart

And they also included this photo of my mother remembering my father’s death via Facebook.

_1__Maria_Gallart 2

So there you go. The more complex the social network becomes, the more convincing the scam will be.

So, this is where I need your help. This happens to me every single day. But it’s not just happening to me. It’s also happening to thousands of others on a daily basis. But, Facebook and other social networks just simply do not acknowledge that this problem exists. For instance, there is no specific way to report these accounts as romance scammers in Facebook’s reporting tool. In fact, as you can see by my friend Alan’s experience, these fake accounts will often be deemed as following Facebook’s community standards!

Back in August, Facebook announced 1 billion daily users. I am sure that number pleases their investor’s but I wonder how valid that claim is considering I’ve personally reported many hundreds of fake accounts and there are logically thousands more that I do not know of. Multiply my reality by the thousands of other people’s profile photos that are being used and I begin to feel that Facebook is intentionally not addressing this reality due to their significance.

But even if these accounts don’t really put a dint into the one billion user reality, there are serious implications here for the identities and well being of their current and future users. A social media site needs to feel safe if one is to connect, share, and communicate with other users, especially with those that we do not know so well. Facebook needs to do something about this problem, but I am convinced that they won’t act unless there is some heat on this issue.

So please, share this post widely. I want Facebook to acknowledge this problem. But more so, I want this issue to get to someone at Facebook that can help address this problem through the revamp of their reporting service and through a number of possible mechanisms to detect the scammers before they can hurt people. I’ve got ideas on how this can be done, but I need to be connected to someone who can address these changes.

If you want to know more about these romance scams, I’ve written several other posts and created several Youtube screencasts. See below. And, thanks for any help you can provide.

The Real Alec Couros

(Digital) Identity in a World that No Longer Forgets

Posted on by

[This post was written jointly with Katia Hildebrandt and also appears on her blog.]

In recent weeks, the topic of digital identity has been at the forefront of our minds. With election campaigns running in both Canada and the United States, we see candidate after candidate’s social media presence being picked apart, with past transgressions dragged into the spotlight for the purposes of public judgement and shaming. The rise of cybervigilantism has led to a rebirth of mob justice: what began with individual situations like the shaming of Justine Sacco has snowballed into entire sites intended to publicize bad online behaviour with the aim of getting people fired. Meanwhile, as the school year kicks into high gear, we are seeing evidence of the growing focus on digital identity among young people, including requests for our interning pre-service teachers to teach lessons about digital citizenship.

All this focus on digital identity raises big questions around the societal expectations about digital identity (i.e. that it’s sanitized and mistake-free) and the strategies that are typically used to meet those expectations. When talking to young people about digital identity, a typical approach is to discuss the importance of deleting negative artefacts and replacing them with a trail of positive artefacts that will outweigh these seemingly inevitable liabilities. Thus, digital identity has, in effect, become about gaming search results by flooding the Internet with the desired, palatable “self” so that this performance of identity overtakes all of the others.

But our current strategies for dealing with the idea of digital identity are far from ideal. From a purely practical perspective, it is basically impossible to erase all “negatives” from a digital footprint: the Internet has the memory of an elephant, in a sense, with cached pages, offline archives, and non-compliant international service providers. What’s more, anyone with Internet access can contribute (positively or negatively) to the story that is told about someone online (and while Europe has successfully lobbied Google for the “right to be forgotten” and to have certain results hidden in search, that system only scratches the surface of the larger problem and initiates other troubling matters). In most instances, our digital footprints remain in the control of our greater society, and particularly large corporations, to be (re)interpreted, (re)appropriated, and potentially misused by any personal or public interest.

And beyond the practical, there are ethical and philosophical concerns as well. For one thing, if we feel the need to perform a “perfect” identity, we risk silencing non-dominant ideas. A pre-service teacher might be hesitant to discuss “touchy” subjects like racism online, fearing future repercussions from principals or parents. A depressed teenager might fear that discussing her mental health will make her seem weak or “crazy” to potential friends or teachers or employers and thus not get the support she needs. If we become mired in the collapsed context of the Internet and worry that our every digital act might someday be scrutinized by someone, somewhere, the scope of what we can “safely” discuss online is incredibly narrow and limited to the mainstream and inoffensive.

And this view of digital identity also has implications for who is able to say what online. If mistakes are potentially so costly, we must consider who has the power and privilege to take the risk of speaking out against the status quo, and how this might contribute to the further marginalization and silencing of non-dominant groups.

In a world where forgetting is no longer possible, we might instead work towards greater empathy and forgiveness

Our current strategy for dealing with digital identity isn’t working. And while we might in the future have new laws addressing some of these digital complexities (for instance, new laws are currently being proposed around issues of digital legacy) such solutions will never be perfect, and legislative changes are slow. Perhaps, instead, we might accept that the Internet has changed our world in fundamental ways and recognize that our societal mindset around digital missteps must be adjusted in light of this new reality: perhaps, in a world where forgetting is no longer possible, we might instead work towards greater empathy and forgiveness, emphasizing the need for informed judgment rather than snap decisions.

So what might that look like? The transition to a more forgiving (digital) world will no doubt be a slow one, but one important step is making an effort to critically examine digital artefacts before rendering judgment. Below, we list some key points to consider when evaluating problematic posts or other content.

Context/audience matters: We often use the “Grandma rule” as a test for appropriateness, but given the collapsed context of the online world, it may not be possible to participate fully in digital spaces if we adhere to this test. We should ask: What is the (digital) context and intended audience for which the artefact has been shared? For instance, was it originally posted on a work-related platform? Dating site? Forum? News article? Social network? Was the communication appropriate for the platform in which it was originally posted?

Intent matters: We should be cognizant of the replicability of digital artefacts, but we should also be sure to consider intent. We should ask: Was the artefact originally shared privately or anonymously? Was the artefact intended for sharing in the first place? How did the artefact come to be shared widely? Was the artefact made public through illegal or unethical means?

History matters: In face to face settings we typically don’t unfriend somebody based on one off-colour remark; rather we judge character based on a lifetime of interactions. We should apply the same rules when assessing a digital footprint: Does the artefact appear to be a one time thing, or is it part of a longer pattern of problematic content/behaviour? Has there been a sincere apology, and is there evidence that the person has learned from the incident? How would we react to the incident in person? Would we forever shame the person or would we resolve the matter through dialogue?

Authorship matters: Generations of children and teenagers have had the luxury of having their childhoods captured only by the occasional photograph, and legal systems are generally set up to expunge most juvenile records. Even this Teenage Bill of Rights from 1945 includes the “right to make mistakes” and the “right to let childhood be forgotten.” We should ask: When was the artefact posted? Are we digging up posts that were made by a child or teenager, or is this a recent event? What level of maturity and professionalism should we have expected from the author at the time of posting?

Empathy matters: Finally, we should remember to exercise empathy and understanding when dealing with digital missteps. We should ask: Does our reaction to the artefact pass the hypocrite test? Have we made similar or equally serious mistakes ourselves but been lucky enough to have them vanish into the (offline) ether? How would we wish our sons, daughters, relatives, or friends to be treated if they made the same mistake? Are the potential consequences of our (collective) reaction reasonable given the size and scope of the incident?

This type of critical examination of online artefacts, taking into consideration intent, context, and circumstance, should certainly be taught and practiced in schools, but it should also be a foundational element of active, critical citizenship as we choose candidates, hire employees, and enter into relationships. As digital worlds signal an end to forgetting, we must decide as a society how we will grapple with digital identities that are formed throughout the lifelong process of maturation and becoming. If we can no longer simply “forgive and forget,” how might we collectively develop a greater sense of digital empathy and understanding?

So what do you think? What key questions might you add to our list? What challenges and opportunities might this emerging framework provide for digital citizenship in schools and in our greater society? We’d love to hear your thoughts.

How Romance Scammers Port Video Files Over Skype

Posted on by

I’ve had many victims of ‪#‎romancescams‬ (where scammers used my photos) ask me how it was possible that they saw “me” over Skype. From these conversations, I’ve discovered that the scammers used a technique to port video over Skype to further fake someone’s identity. This appearance over video was often reported by victims as the convincing moment where they felt that they were talking a real person (vs. the fabricated identity). I’ve created a short screencast to explain how this works. Please share – it may save someone from falling into one of these scams. Thanks.

Developing a framework for teaching open courses

Posted on by

This post was written jointly with Katia Hildebrandt and also appears on her blog.

Recently, we presented at OER15 in Cardiff, Wales, on the topic of developing a framework for open courses. In our session, we considered our experiences in facilitating MOOC type courses in order to think through and address the challenges that these types of courses present.

So first, a little background: It has been stated that there are two general categories of MOOCs: xMOOCs and cMOOCs. xMOOCs are large-scale MOOCs that often consist of video-delivered content and automated assessments. These MOOCs are often offered by institutions or by large-scale MOOC providers like edX and Coursera. cMOOCs, or Connectivist MOOCs, are network-based: they operate through a distributed pedagogy model, where the connections become as important as the content, knowledge is socially constructed by the group, and participants learn from each other. In many ways, these courses can be similar to learning on the open web: there is minimal guidance in terms of what is learned and when, and participants are instead free to engage with the course in whatever way they choose. Open boundary courses, meanwhile, are for-credit courses (such as those offered by a post-secondary institution) that are opened to the public on a non-credit basis. For instance, the ds106 Digital Storytelling course, originally based out of the University of Mary Washington, is also offered as an open boundary course. If you were to imagine the spectrum of openness in courses, it might look something like this:

Open Boundary Courses

For the purposes of this post, we take the term “open course” to include both open boundary courses and MOOCs (particularly cMOOCs).

Much of our insight into open courses comes from our work with three large, open courses: EC&I 831 (Social Media and Open Education), #ETMOOC, and #DCMOOC. The latter two courses were both cMOOCs; #ETMOOC (a MOOC about educational technology) ran in the winter of 2013, and #DCMOOC (a MOOC about digital citizenship sponsored by the Saskatchewan Ministry of Education) ran in the spring of 2014. EC&I 831, meanwhile, is a graduate level class at the University of Regina that was developed and then taught for the first time in 2007 and has run every year since. While the course has a core group of for-credit graduate students, it is also open to anyone – classes are held online and the link to the web-conferencing platform is tweeted out each week, so that anyone is free to join any given session. EC&I 831 is not a MOOC; instead, it is considered an open-boundary course, and it’s generally seen as one of the forerunners for the MOOC movement.

One of the common features of MOOCs is the high drop-out rate, which occurs for a variety of reasons. The drop-out rate is not in itself necessarily a negative: it may mean that students have the freedom to try out different courses (or other educational experiences) until they find one that fits their needs, or it may mean that students are choosing to audit only particular portions of courses rather than completing them in their entirety. However, some students drop out or engage very minimally with open courses not due to lack of interest or fit with their own needs but because the format and ethos of cMOOCs can be difficult to navigate for those who have not spent much time learning on the open web. However, with EC&I831, #ETMOOC, and #DCMOOC, we have seen a significant level of engagement, persistence, and follow-through with the courses. Perhaps more importantly, many of the participants have stayed engaged with the course community and gone on to become leaders in their own networks; for instance, former participants in #ETMOOC organized their own 2nd year anniversary chat. So the question is, how do we take the strategies that led to positive and lasting outcomes in these courses and apply them to other large, open courses in order to help make participants’ experiences more positive, relevant, and beneficial in the long term?

Below, we identify seven elements of course design that we have used in our own open courses. Then, we suggest possible strategies for building a framework for open courses that might lead to more positive student involvement, in the hopes that these favourable experiences will lead students to continue learning and connecting in open, networked spaces.

  1. Semi-structured course environment

The challenge: The incredible choice of online spaces and tools can be overwhelming to those just starting to learn on the open web.

The strategy: In the open courses that we have facilitated, we help students to gradually ease into the greater digital world through the creation of a variety of interconnected course environments with varying levels of privacy. This can help to gradually “thin the walls” of the more traditional closed classroom environment:

Thinning the Walls

Douglas Thomas and John Seely Brown write: “The new culture of learning actually comprises two elements. The first is a massive information network that provides almost unlimited and resources to learn about anything. The second is a bounded and structured environment that allows unlimited agency to build and experiment with things within those boundaries.” Keeping this in mind, we design the course environment as a bounded space for learning how to learn that exists within the larger space of the open web; we do this through a combination of different tools (small tools, loosely joined). While our use of specific tools has evolved and changed over time, what is important is the way in which the chosen tools work together in combination to ensure a particular set of affordances. In the current iteration, for instance, we allow for private interactions in a “safe” space by creating a Google Plus community for each of our courses, where students can pose questions, engage in discussion, and share resources. As well, we encourage students to develop their own spaces on the web, but we also employ mechanisms to keep these spaces interconnected in order to create a structure of support. For instance, students create their own personal blogs or ePortfolios, but these sites are aggregated using the FeedWordPress plugin so that posts also appear on a central course hub. Additionally, students develop individual Twitter accounts but remain connected through the creation of a Twitter list and the use of a course hashtag (for instance, #eci831). In this way, students are eased into the open web, but at the end of the course they are left with their own individually controlled spaces, which they can continue to use and expand or, alternatively, choose to delete entirely. The ability for students to continue to grow the networks that they have begun to build in class is markedly different from what happens with a traditional Learning/Content Management System (LMS/CMS), where the course is archived at the end of the semester and students start back at zero.

PLN vs. CMS

  1. Interest-based curriculum

The challenge: The overwhelming array of information available online can make it difficult to find a place to begin or a path to take.

The strategy: Martin Weller describes the wealth of knowledge online as a potential “pedagogy of abundance.” For learners who are more used to a structured curriculum, this can make getting started a challenge. However, learning is most meaningful when it is interest-based. So, in our courses, we want to avoid setting a strict scope and sequence type curriculum; instead, we encourage students to let their interests become the catalyst for learning. One particularly successful strategy has been the inclusion of student learning projects in our courses, where students are expected to learn a skill of their choice using online resources and then document the learning process. This allows students to choose a high interest topic, but it also ensures that all students are documenting their learning in a similar manner, which can provide a social glue as students discuss the methods and tools use for documentation (which is a digital literacy skill in itself). As well, weekly synchronous video conferencing sessions and weekly Twitter chats can keep students from feeling lost or disconnected.

  1. Assessment as learning/connection

The challenge: A lack of check-ins/endpoints in online learning can make the learning process seem nebulous.

The strategy: Traditional for-credit courses include assignments that allow students to demonstrate their learning; for instance, in EC&I 831, students create summaries of learning that let them to express their learning using the tools of the open web. These summaries also allow students to practice designing and sharing media in the collapsed context of our networked world, often leading to serendipitous feedback from others outside of the course. Although MOOC-type open courses do not have the same sort of endpoint (as the hope is that learning will continue beyond the course), implementing a similar type of checkpoint – a summary-type assessment that allows students to put tools and theory into practice – can be helpful to allow students to consolidate their learning as well as to connect further through sharing and participating in their newly build networks.

  1. Instructor support

The challenge: The large student-instructor ratio in large open courses can lead to students feeling lost and unsupported as they explore new forms of media.

The strategy: We’ve found that in large courses, it is helpful to have a variety of orientation sessions (for instance, a session on blogging or on using Twitter) in order to help students gain a level of comfort with course tools. This is especially important because students come to courses with an increasingly wide range of digital literacies and technological competencies; while students will work towards attaining a level of digital fluency throughout the course, these introductory sessions give students the basic skills they need in order to access the learning experience of the course.

As well, although we design courses to encourage a high level of peer feedback (or even feedback from others not officially participating in the course), it is important to ensure that all students are getting regular feedback and suggestions for improvement so that they are able to continue to grow; thus, it is helpful to ensure that the facilitation team include members who act as “community developers,” individuals who can comment on student blogs, interact with participants on Twitter and Google Plus, and address any questions that arise; in #ETMOOC, for instance, having a group of co-conspirators meant that the work of community development and course leadership did not fall on a single individual.

  1. Student community

The challenge: Newcomers to online networks can often feel isolated and alone.

The strategy: In a graduate course like EC&I 831, there is a core group of for-credit students with similar aims, and this creates an immediate, built-in Personal Learning Network (PLN). But in larger MOOCs, this core group doesn’t exist, and so facilitators need to work to build a student community through group-building activities. For instance, in #ETMOOC, facilitators organized and created a lipdub video in which course participants could take part. In another recent course, students started a Fitbit group, which allowed course participants to bond over a shared activity. Activities that help to create a sense of presence in the course (such as asking participants to write an introductory blog post or having students create short videos of themselves using a tool like Flipgrid) can help to build a sense of community. Importantly, such community-building activities also help students to build their own PLNs while adding an increased level of personal accountability that can encourage participants to continue with the course.

  1. Digital identity creation

The challenge: Missteps and mistakes can be amplified in digital spaces, where footprints are permanent and easily searchable.

The strategy: In a world where online reputation is becoming increasingly important, it is critical that we take control of our digital presence so that others don’t do so for us. As well, in order to participate more fully in MOOCs in particular and in a PLN in general, it’s important to declare oneself; what we get from our networks depends largely upon what we contribute to them, and it’s difficult to contribute without a digital presence. That might mean creating a blog, developing a Twitter presence, or engaging on other social networking sites. Supporting the development of students’ digital identities as part of open courses will not only help them to network as part of the course, but it will also serve them well in the long term.

  1. Democratizing the web

The challenge: Those new to digital spaces can be hesitant to voice their beliefs publicly due to the nature of digital artefacts, which can easily be shared, remixed, and taken out of context.

The strategy: As digital citizens, we have a responsibility to keep the web democratic and allow for equitable expression, but it can be difficult for non-dominant views to be voiced online due to fear of criticism or other negative repercussions. However, silence can often be taken as complicity, so we need to support students in open courses as they delve into potentially controversial topics, by fostering a community in which students feel more confident expressing viewpoints with the support of a group, and by using our own digital identities to model what it looks like to speak out for social justice issues online.

Although the nature of MOOCs and open courses can present difficulties for those who are new to learning on the open web, these strategies can help to give participants a foothold in the online world, which can, in turn, increase their chances for a meaningful experience that paves the way for a lifetime of learning.