S1E7 - Internet Bots - Politics, Phishing, & Fake Reviews

This week we are doing a deep dive into the creation and use of internet and telephone bots I’m super excited for this episode mainly because of the interesting situations that internet bots have put us in over the last decade or so. From politics to unwanted phone calls, to everyday social interactions, bots have surely changed the way we behave and the way that we perceive reality.

Let’s jump right into it.

To keep this episode focused; I’m just going to cover the use of internet bots online. I will cover artificial intelligence in terms of autonomous vehicles and physical robots in a future episode since there’s so much to cover & discuss!

Over the last few years, I’m sure that you haven’t missed the increase in conversation about bots on platforms like Instagram, twitter and Facebook.

The detailed coverage has not only provided definitions for what classifies as a bot, but it has also allowed us to see the impacts, pros, and cons of the introduction of bots to society.

Now there are different classifications and types of bots being used in almost every industry that exists at this moment in time. The basic definition of a Bot is “an autonomous program on a network (especially the Internet) that can interact with computer systems or users, especially one designed to respond or behave like a player in an adventure game.”

The following are additional categories that bots fall into, typically based on the type of work or task the bot performs. These can be considered good, bad or neutral depending on the situation and intention of the bot and bot programmer.

According to Botnerds.com Good bots are as follows:

1.      Chatbots – these bots just interact with users, its usually obvious that they aren’t a human being, but the use of machine learning is quickly making this less obvious.

2.      Crawlers – crawlers/ or spiders are used to collect information like website URLs used for indexing or organizing information for search engines.  They are usually focused in their tasks and they carry out predetermined tasks working typically in the background.

3.      Transactional Bots – are bots that act as an agent to a human. These are typically used in customer service, online support, or administrative assistants. They carry conversations with users to set up appointments, direct users to other resources or to complete a purchase or transaction.

4.      Informational Bots – these bots are used to provide helpful information by pushing notifications or directing users to updates in breaking news.

5.      Entertainment Bots, Art Bots & Game Bots – you’d see these in video games where you essentially play against a computer.

Now even though the above are classified as “good”, that doesn’t necessarily mean that they can’t be used for tasks that may be considered bad. For example, as I’ll cover later, Amazon has used scrapers to gain the upper hand on companies and their profits.

Bad bots on the other hand are typically created with negative or bad intentions from conception to implementation. The programmers creating these bots typically identify an end goal and create the bot with directives that will cause harm to the user or the network they implement the software on.

These types of bots are categorized as follows:

1.      Hackers – as the name states, hacker bots are created to distribute malware, deceive individual users, attack websites or entire networks. Once a computer is hacked by these bots, they can be used for almost anything that can be done online. You may hear these infected computers called “zombies” and if an entire network is hacked, those are referred to as “Botnets”

2.      Spammers – If you have an email address, I’m sure you have had the pleasure of receiving hundreds of emails promoting products or services that you never requested. These emails are sent by spam bots and their goal is usually to drive traffic to content on websites or to drive traffic to specific websites. Spam bots are also used in online forums or blogs for this same reason. To lure individual users to websites selling products or services.

3.      Scrapers – these are bots that steal content, things like your name, email addresses, images etc. This content is then used to fill up other websites with your stolen information but without credit to you.

4.      Impersonators – mimic human or website behavior which makes it difficult for a user to distinguish whether they are interacting with a human being, or if they really are in the website that they think they are on. Currently, the most discussed type of impersonator bot is the phishing bot. These attempt to trick users into providing their personal information, things like your log in credentials, social security number, or bank information with the intention of using that information to post on your behalf or collecting the information for hackers to either sell on the dark web, or use to steal your identity then use to open new lines of credit as discussed earlier this season on Episode #5 – Public Wi-fi.

Now, this is just a brief list of the types, some say that there are more categories while others say that the list can be condensed and simplified based on the intersection of tasks, resulting in less categories.

I’ll stick with the above list for the purposes of this episode.

The use of bad bots has proven to be a lucrative move for hackers worldwide. Over the last five years there has been an increase in phishing emails that resulted in hackers holding the data of many companies hostage, until a ransom was paid.

In one case hackers used phishing to steal over $100 million from Facebook and Google employees.

The most recent case is detailed in a CNBC article from March 27th , 2019. The article states the following:

“Evaldas Rimasauskas, 50, pleaded guilty last week to wire fraud after helping to orchestrate a scheme that included setting up a fake business and sending phishing emails to employees of Facebook and Google. The scheme ultimately duped those multi billion-dollar companies out of more than $100 million in total between 2013 and 2015, according to the U.S. Attorney’s Office for the Southern District of New York.”

Evaldas reportedly created a fake business that pretended to be the real Taiwan-based Quanta Computer company where he placed himself as the sole board of directors’ member. He also opened and controlled a bunch of other bank accounts to handle the transactions of this fake company.

Now once he created this company, he began creating fake invoices totaling over $100 million dollars that he sent via email to employees at Facebook & Google. These employees, under the belief that they were sending payments to Taiwan-based Quanta Computer, authorized the payments, and sent the money to the Evaldas’s fraudulent bank accounts.

Both Facebook & Google were able to recover their money soon after the hack.
And both Companies are now cooperating with law enforcement as the trial continues.

Evaldas is due for his sentencing on July 24th, 2019 and faces up to 30 years in prison.

This isn’t the first time that huge companies have fallen victim to phishing scams. According to the same article:

“Last year, an Indiana couple was sentenced to six years in prison apiece after they stole more than $1.2 million worth of consumer electronics from Amazon by scamming the e-commerce giant’s return policy.”

This is scary for quite a few reasons, one of which is, if these large companies with huge cyber security departments are having a tough time identifying phishing scams, what does that mean for us everyday individuals?

Even-though the average individual doesn’t have large sums of money to entice hackers to target them. The things that we do have of value are still pretty tempting to hackers. Things like our identities, meaning social security numbers, credit cards & credit lines, or even things like access to our social media accounts are all fair game and extremely valuable to the right person.

Hackers can use phishing emails and fake websites to gain access to our computers which they then use to spread malicious malware through any network we then connect to. This expands their user reach and the information accessible to them.

As discussed in Episode 5, our credit cards, social security numbers and behaviors online are also extremely valuable to hackers. They can sell our information on the dark web, or even use our social media account to spread hate speech and influence how society thinks by posting targeted content.

Quite recently there was an intense conversation surrounding Russian hackers using social media to influence the U.S and European elections.

During the 90 minutes of the U.S 2016 presidential bots were used to flood social media platforms with divisive tweets and posts. These bots used hashtags to hijack trending topics and to change the narrative.

Now because at the time, to our knowledge, the use of bots to influence entire elections is something that had either never been done before or had never been noticed. As a result, companies now had to create a way to collect and analyze all the posts made during the election.

A company named Canberra put its computer scientists to this specific task following the election and the results surprised them.

According to an article on The Sydney Morning Herald, (their website is smh.com.au which made me giggle a bit) anyway according to this article. Canberra began “Analyzing the more than 6.4 million tweets that circulated during those 90 minutes, researchers at the Australian National University found bots were on average about two and a half times more influential than people.”

These posts, which were very strongly “pro-republican” and posted by bots impersonating American republicans, were more likely to become viral. Meaning they reached an astounding number of unsuspecting individuals.

Due to the large influx of bot posts, it became extremely difficult to know which information was true and which were actually created to spread false narrative and information.

The same article also states that “Bots also appeared to target their content towards real-life influencers, especially Republicans, in the hopes they would be shared with larger followings.”

The bot programmers went as far as creating fake accounts impersonating individual state republican parties like the Tennessee Republican party account under the name Ten_GOP who posted a tweet which was later shared by former Donald Trump adviser, General Michael Flynn.

In January, Twitter reps confirmed that over 50,000 Russian linked accounts used their platform to post automated content about the 2016 election.

As a consequence of this wide spread use of bots, we won’t ever really know how the election would have played out.

Individuals now must consider the information they are receiving on large social media platforms.  

Even-though we all know now that the use of misinformation and propaganda surround official elections is a tactic used by all political parties. It is frightening to realize that entire countries and governments are becoming so adept at creating information and narratives that seem extremely honest and real.

What’s even more freighting is that we as human beings are currently at the mercy of technology. This may be due to the fact that what we use to use to judge what is the truth no longer applies since the introduction of bots and social media platforms.

We no longer have the regular cues such as body language, or regulations that require individuals to prove their identities before creating profiles.

Additionally, because we tend to pull away from ideas or individuals we dint agree with, the social media platforms we use have also become places where we only see what we agree with.

We have essentially created bubbles around us that reinforce our ideals, morals, beliefs. Meaning its less likely for us to see ideas or beliefs on these platforms that we disagree with. We aren’t being challenged any more, which in my opinion makes us complacent and easily influenced.

When we stumble onto posts from bots that seem to have a large following or many people “agreeing” we are conditioned to follow along.

This can result in us beginning to believe that since these people usually have opinions I agree with, that now this is some thing I believe too.

The election has been one of the most shocking and the most covered example of how bots can change our reality. But there are countless other situations that these bots have covertly influenced our behavior.

Another example is the use of bots to inspire fear, and influence our financial decisions.

Retailers like Walmart and Amazon may be using scrapper bots to go through their competitors websites collecting data on how much certain products are sold at. They then use this information to undercut their competitors to pull customers to their sites or stores instead.

Sure, this is good for you, the customer, but the impact on other businesses is huge and if you are a small business like diapers.com, you should be worried.

In early 2009 Amazon founder Jeff Bezos sent his senior vice president to a lunch with diapers.com owners. The senior vice president warned the owners that Amazon was considering getting in the diaper business and that they should consider selling. This wasn’t a suggestion.

When diapers.com owners refused the offer, a war began.

Shortly after, they began noticing that not only was Amazon selling diapers, but Amazon was also undercutting their prices by up to 30%.

Customers began moving over in large numbers, and it wasn’t long before diapers.com couldn’t make enough of a profit to keep their company alive.

Amazon was using bots to crawl the diapers.com website and collecting all of their pricing data. Then they used this to continuously change Amazon prices, enticing customers to leave diapers.com.

When diapers.com began talks with Walmart about selling, Bezos reportedly told them that he would drop diaper prices to $0 if he had to. Amazon could take the hit, diapers.com couldn’t.

By November 8th, 2010 diapers made a deal with Amazon for the sale of their entire company.

The same scenario can also happen to consumers, imagine if Amazon is the only place you can buy a product that you need for every-day life.

Or if a pharmaceutical company is the only one providing a certain medication you need to live.

These companies can scour the internet, collecting data on where else their product is being sold as well as how much you need their product. Then they can raise their prices so high that you have no other choice but to pony up.

The crazy thing is due to the size of companies like Amazon, they can influence the very regulations meant to protect us from situations like this.

Even-though the government has rules and regulations in place that protect consumers from companies monopolizing the market, these regulations currently don’t take into account the changes that have taken place in technology companies over the last decade.

In addition to bots that scour the internet for pricing changes and trends in consumer behavior, we now also have to worry about fake reviews and companies paying search engines for higher rankings.

An Inc.com article claims that  “According to one survey, 74 percent of consumers say that positive reviews make them trust a local business more. It's truly the new word-of-mouth, and you can influence the conversation.”

But due to the rise of fake reviews posted by bots, it’s become extremely difficult to judge which reviews to trust.

As a customer this means that every time you are online shopping, your money is at risk. You pay end up paying for an electronic device on Amazon and end up receiving a faulty product. And if you pay with a method that isn’t insured or purchase that product on a site that does not provide insurance or a money back guarantee, that loss is all yours to bear.

So how do we protect ourselves as consumers, small business owners, or social media participants against the bot effect?

As consumers we can take the following steps:

1.   Be Cautious What You Open and Click – even-though that email looks authentic, remember, that most companies won’t ask for or transmit personal information like your credit card, social security number or log in information through email. IF you doubt that an email is authentic google the business or establishment find their official information like phone number or address and either go there or call them directly to make sure they actually sent you that email. Never use the contact information provided on the email to contact the company. Its most likely fake as well and would just be directed to the person trying to get your information.

2.   If you clicked a link in the email and typed in any information, immediately change your passwords on every place you have ever used that log in information. If it was on a business account, immediately inform your employer and the IT department so that they can begin to assess and control the damage.

3.   Get a trusted antivirus to protect you from malicious files

4.   Always search for more than one website to look at reviews on a product you are considering purchasing. Watch YouTube videos, ask people in your life if they have that product and their thoughts on it, and go through a companies BBB profile to see any claims that have been made or active disputes. If you do end up buying a faulty product report and review the product on the sites that it’s sold on so that others can be warry.

5.   Never believe that IRS phone call, the IRS does not call you threatening to imprison you and they will not resolve any outstanding IRS payments on the phone. IF you are unsure go to the government IRS website, find the contact information and call them with that information. Also call your local police department to report the caller and provide their contact information.

While these three tips won’t assure that you never get hacked or fall victim to identity theft, they’ll definitely make your information a little bit more secure.

Now as a small business owner, bots can significantly impact your business by posting fake negative reviews. You can do the following to stay ahead of the damage:

1.     Check your reviews often and respond to any negative reviews in calm manner and thank good reviewers for their input. This shows customers that you are an active business owner and care about your customers. It also shows that you take critique well and are striving to improve your products or services based on their input.

2.     You can always report fake reviewers to the site that hosts the review. Provide documentation especially in cases where that customer never came to your establishment or bought your products. Remember, a bad review is only made worse by the owner lashing out at the customer. The way you handle the situation could do much more damage than the bad review ever could have.

3.     Keep documentation for at least 3 years to protect you in future cases where a customer may claim fraudulent behavior or lash out in anger.

As social media participants we simply have to remember that just because its posted by a high-ranking politician, or celebrity, or even if its just retweeted or reposted by thousands of people, that doesn’t necessarily make it true.

Always research something before you jump on the band wagon. Its easy to assume that others are researching before they repost, but that’s not always true. So research, research and then research some more before you believe anything that’s posted online.

I know that part of the fun of social media platforms is that we can quickly get information and entertainment, but with the advancements in technology and the increase in misinformation, we can no longer be naïve participants.

We must take control of what enters our minds and what we believe by responsibly doing the work to find the truth.

Podcast, creepy technologyLydia ShompoleComment