Welcome to our Ask The Expert series, where we answer your questions about digital evidence and forensics. Today’s question is:
How common are fake accounts online?
With the ease of creating accounts online, the problem in the legal field becomes: how do we know who sent a particular message/email/photo, etc.? A message may come from John Doe’s Facebook page, but does that page really belong to John Doe? Did John set it up or did someone else? If John set it up, was he even the one logged in when the message was sent?
Fake accounts have been in the news a lot lately. You may have heard how Facebook took down 1.3 billion fake accounts from October, 2017 through March, 2018, or how Twitter took down 70 Million accounts in just two months. In short, there are a lot of fake accounts out there.
Most of those fake accounts have very little do to with our typical cases of harassment, stalking, or defamation. Instead, most of those fake accounts are bots set up to spread fake news articles, or generate traffic to particular websites to gain ad revenue income. However, the sheer volume of those accounts shows how easy it is to set up an account and how prevalent these fake accounts are in social media.
You may have seen a Facebook friend request from someone you thought was already your friend. The picture is your friend’s picture, the name is your friend’s name. Yet, if you check your friend list, you are already friends with them, just like you thought. That friend request is a fake account. It was built to connect to you and get your data, and potentially to try to scam you into sending money, or clicking on ads. In a legal context, how can we tell the different between two accounts with the same name and same picture? How do we know which one is real and which one is fake?
To find the truth of who sent a message online is quite time consuming. First, you must find out who was logged into the account by requesting the IP address of the user from Facebook, Twitter, Google, etc.
Armed with the IP Address (a digital address much like your street address for the Internet), you can find which Internet Service Provider (ISP) owns the address. An ISP is the person who provides your internet access, such as Cox, Verizon, Comcast, etc.
The ISP will be able to tell you which one of their customers had that IP address at the particular date and time that the message was sent. Now, you have traced a message to the physical address of where it was sent (or to the cell phone that sent it). If there is only one person at that street address, you have likely found the sender. If there is more than one person, you have narrowed down the list of potential senders to those who had access to that Internet connection on the date and time of that message.
Fake accounts are a real problem for the courts. It makes it very difficult to know who is responsible for a particular piece of content or message online. The process of narrowing down the list of people is lengthy and time consuming, but it is possible.
If you have a case like this and need our help, contact us today. We offer free consultations.
Have a question for our Ask The Expert Series? Email Brian Chase to see your question answered in an upcoming blog post or video!