Whisper Campaigns and Anonymous Attackers: Identifying and Handling Social Media PR Threats
This chapter is from the book
This chapter is from the book
This chapter is from the book
In early 2009, the Halifax-Plympton Reporter received a letter to the editor urging people to “contact their Congressman about the Medicare Advantage program, a sort of privatized health plan paid for through the recipient’s Medicare. There may be some interest in doing away with the program.”
Seems benign enough, right? The letter was signed by a local resident, but it didn’t mention the local Congressman, which the paper’s editor found strange. So he called the man who wrote the letter and was astounded to learn the letter’s “author” had no idea what he was talking about.
The editor filed the letter and went on about his day. About a week later, he received a phone call from a man who said he was calling on behalf of the person who wrote the letter. The editor told the caller what he had done and asked who he was and who he worked for. The caller declined to tell the editor who he was and hung up the phone. But what he didn’t count on was caller ID. The editor traced it back to a high-powered lobbying and public affairs firm in D.C. It became pretty evident the firm was working for an organization with an interest in keeping Medicare Advantage in business.
The firm’s site promises “grassroots communication,” but this is downright astroturfing.
According to Campaigns & Elections, astroturfing is “a grassroots program that involves the instant manufacturing of public support for a point-of-view in which either un-informed activists are recruited or means of deception are used to recruit them.”
At one time found only in politics, this practice has spread to the communications industry.
Genuine grassroots campaigns tend to have many people involved, but don’t always have the money needed to support them. Think about Occupy Wall Street, or President Obama’s 2008 bid for the White House, or campaigns designed to get television programs back on the air. They use the Web and social media to help further their ideals, but don’t always have a lot of money behind them.
Astroturfing, though, tends to be flush with cash but people-poor...so the designers make up people. On the Web, they’ll create fake personas or robots to spread the word. Offline, sophisticated computer databases, telephone banks, as well as hired organizers, are used to recruit and inspire less-informed activists to send letters to their elected officials or to the city’s main newspaper. Ultimately, it ends up looking like there are many people up in arms about pending changes.
According to Wikipedia, these techniques have been used to
- Defeat President Clinton’s proposed health care reform through a front group called Rx Partners, which was created by a public relations firm and the Coalition for Health Insurance Choices
- Oppose restrictions on smoking in public places through a front group called National Smokers Alliance, which was created by a global public relations firm
- Encourage people to buy Coke
- Generate news clips to assist Microsoft lobbyists in persuading U.S. state attorney generals not to join a class action suit against the company
While shocking, the good news is, as consumers, we’re far more educated through information found on the Web, these kinds of campaigns are found very quickly, brought to the attention of influential journalists, and taken down.
“For years, Mark Zuckerberg, the chief executive of Facebook, has extolled the virtue of transparency, and he built Facebook accordingly. The social network requires people to use their real identity in large part because Mr. Zuckerberg says he believes that people behave better—and society will be better—if they cannot cloak their words or actions in anonymity,” wrote the New York Times on May 13, 2011.
Enter a global public relations firm. They were hired to create a “whisper campaign” about Social Circle—an optional feature of Google that uses publicly available information from social networks to personalize search results.
The story goes like this: Two very high-profile former reporters-turned-PR-pros worked with journalists and bloggers to begin digging into Social Circle and writing negative stories about it. When pushed to reveal their client, they refused, and a blogger published their email exchange.
The initial email from the high-profile PR pro began, “I wanted to gauge your interest in authoring an op-ed this week for a top-tier media outlet on an important issue that I know you’re following closely.” He went on to describe the sweeping violations of user privacy at Google and how the blogger could use the information in his email to write the op-ed.
The blogger responded with, “Who is paying for this? (Not paying me, but paying you).”
The PR pro wrote, “Thanks for the prompt reply. I’m afraid I can’t disclose my client yet. But all the information included in this email is publicly available. Any interest in pursuing this?”
The blogger, smart to these kinds of practices, denied the request and made the entire conversation public, which made national news and required the Public Relations Society of America (PRSA) to get involved, from an ethics point-of-view.
This is common practice in Silicon Valley. PR professionals are hired to help create negative stories about one’s competition.
It happens in Hollywood, too. During the 2013 Oscars season, you might remember seeing stories such as, “Can you believe Zero Dark Thirty? The Academy is never going to vote for a movie that justifies torture.” Or “If you want historical accuracy, don’t watch Argo. The suspense when they’re leaving the airport? That never happened.” Or “Come on, Lincoln! Mary Todd Lincoln never attended debates, but there she is in the visitor’s galley in the movie.”
These comments typically begin with publicists or “Oscar-campaign consultants” who have off-the-record chats with reporters and voters. They don’t talk about the great attributes of the movies, actors, or directors they represent; rather, they point out the flaws in their competitors. And some of these stories are created by the media looking to increase eyeballs and win in the ratings wars.
The Academy has tried to discourage the negativity by imposing a one-year suspension of membership for first-time violators, but this rule is hardly ever enforced because most whisper campaigners are too smart to malign their competition publicly. They never put anything in writing, including in email.
The idea of whisper campaigns began, not surprisingly, during wartime, because it is an effective and inexpensive way to create protests, support stand-offs, and exercise national will without using the military. From there, it has seeped into politics, the tobacco industry, Hollywood, and now Silicon Valley.
But it isn’t limited to those few instances. In business, companies hire employees to create fake social media accounts to post comments on blogs, forums, chat rooms, and social networks. They try to steer conversations in a desired direction or post negative responses that rile up the community.
For instance, a defense contractor that works with the government was found to be mounting an attack against WikiLeaks when they were hacked by Anonymous (the hackers responsible for a lot of the tightly secured information that throughout the years has been leaked to WikiLeaks).
In the documents they found and leaked, there was information about how to create personas to attack journalists, bloggers, and commenters to “smear enemies and distort the truth.”
Here’s a quote from the leaked materials: “To build this capability we will create a set of personas on twitter, blogs, forums, buzz, and myspace under created names that fit the profile (satellitejockey, hack3rman, etc.). These accounts are maintained and updated automatically through RSS feeds, retweets, and linking together social media commenting between platforms. With a pool of these accounts to choose from, once you have a real name persona you create a Facebook and LinkedIn account using the given name, lock those accounts down and link these accounts to a selected # of previously created social media accounts, automatically pre-aging the real accounts.”
Another document describes how they use automation so one persona can represent many different people with the stroke of a key. “Using the assigned social media accounts we can automate the posting of content that is relevant to the persona. In this case there are specific social media strategy website RSS feeds we can subscribe to and then repost content on twitter with the appropriate hashtags. In fact using hashtags and gaming some location based check-in services we can make it appear as if a persona was actually at a conference and introduce [sic] himself/herself to key individuals as part of the exercise, as one example. There are a variety of social media tricks we can use to add a level of realness to all fictitious personas.”
That’s just another example of how gigantic organizations are gaming the system, lying and stealing, and developing groups of “people” to provide opinions about an issue.
In the past, these things worked fairly well. It was difficult to not only prove it was happening, but to get the attention of journalists to tell the story. But there’s a new sheriff in town, named social media. Because of him, everyone has a megaphone. When you are found out, people are all too happy to rip you down from the fake proverbial pedestal.
Brian Solis, principal analyst at Altimeter Group, a prominent blogger, keynote speaker, and author of several books, did a test to promote the launch of “The End of Business as Usual.” Using a service called Let Me Tweet That For You, he created a bunch of tweets from celebrities such as Donald Trump and Ellen DeGeneres that are made to look like they endorse his book (Figure 4.1).
)
Figure 4.1 Let Me Tweet That For You allows you to create fake tweets from real people.
Of course, the tweets Brian created aren’t real and he never actually sent them. He created them only to show it’s important to confirm any information we see online that seems strange, because it most likely is. A great example of this is the photos of Abraham Lincoln you see floating around the Web that display quotes, supposedly by him, on how to behave online. Of course, Lincoln didn’t say those things, but people continue to share the quotes. After all, if it’s on the Internet; it must be true.
After Brian opened the kimono, so to speak, and showed what he did and why he did it, we took to the Web to create a fake tweet from a colleague, saying she loves working with me (Figure 4.2).
)
Figure 4.2 A test to create a fake tweet about myself from a friend and colleague.
Admittedly, it’s kind of fun to create tweets saying awesome things about yourself that look like they’re coming from your friends or colleagues. And the good news is the service doesn’t allow you to actually tweet what you’ve created. Instead, it generates a tweet that says, “Check out what @belllindsay just said http://lemmetweetthatforyou.com/t/2tl99k Site by @okfocus.”
So Lindsay would be alerted if I tweeted that, and anyone following would be directed to the site where it was generated. No harm, no foul, right?
Not so fast. What if trust has now completely eroded? People are astroturfing and creating whisper campaigns and writing fake reviews—and now, faking tweets. What next?
As it turns out, there are lots of blog posts, forums, and how-to sites written for people who want to start their own whisper campaigns. If you’d like to go that route, stop reading and donate this book to a library. You’re not going to learn how to do that here.
Trolls and Anonymous Attackers
There are quite a few things you can do to dissuade anonymous attackers. Use Livefyre as your commenting system, which forces commenters to have an account (usually with one of the social networks); build a strong community of people who can quickly recognize those who are there only to cause trouble; and have guidelines that clearly state comments will be deleted if you swear, make up facts, or are intent on damaging someone’s reputation (or that of someone in the community) through libel. Ninety-nine point nine nine percent of the time, people are very professional, fun, and kind to one another.
But there will be that one time when you are attacked personally, and anonymously.
When you discover negative comments, you can quickly do some research to find out who the people are. Track their accounts back through Livefyre, and after a few clicks, you’ll discover whether it’s a real person or not. Sometimes you’ll find there is a content farm in another part of the world that is set on creating negative comments to engage authors in conversation, eventually gaming the Google rating system.
Rather than engage those “people,” delete the comments and ban the users from commenting on your site. It does take some time, but it’s well worth it. Don’t be rushed. Take that time. Because if you don’t, the attackers win. Situations like this make the online world a bit scary. People will say negative things about you. They will criticize you. When this happens, take out the emotion, listen to what people have to say, admit when you’re wrong, and say you’re sorry.
Except when the attackers are anonymous. The culture of the Web allows for anonymous attackers known as “trolls”: the people who say, from behind a computer screen, things they would never say in public. We see this with online bullying of children and teenagers, and we see it, via adults for the most part, in business. The Web provides a “safe” world where trolls can wield power and influence others. Unlike most real-world bullies, though, anonymous attackers can find a large ready-made audience to consistently engage, vote up their content, share it, and provide serious ego-stroking without negative consequences. In fact, some sites offer real-world bonus items for popular content—no matter if it’s harmful or not. But, like real-world bullies, trolls need to get a rise out of their victims to enjoy the interaction. When you don’t “feed the trolls,” you disgrace them and make them feel irrelevant.
It really isn’t unlike serial killers or mass murderers (particularly in the United States) who kill for the publicity and fame they know they’ll achieve. Those 15 minutes of fame come at any price...but they’re willing to do what it takes to get them. The same thing happens online (even if not at the expense of people’s lives) and trolls will do what they can simply to get a rise out of you.
Reddit is a site that allows anyone to register with any username. You can submit and vote on content, all anonymously. You’re also able to start a forum dedicated to your hobbies or interests, known as a subreddit. During the Boston Marathon bombings, there was an entire subreddit dedicated to the manhunt—which gave you more accurate and timely information than the news. In fact, reading that stream—which was hooked into the Boston police scanner—revealed to the online world that the second suspect had been caught a full five minutes before the news reported it.
During the 2012 Presidential campaign, President Obama became the first sitting president to participate in a Reddit AMA (Ask Me Anything) feature. People from all around the world participated, and he answered questions about space exploration, Internet freedom, his favorite basketball player (Michael Jordan), and work-life balance. The hour-long Q&A session gave Reddit mass legitimacy and let the site open itself up not only to the typical web geeks, but also to mainstream news and political junkies.
But the site isn’t all for the greater good. Because Reddit allows anonymity and the policy itself is very lenient on offensive speech, it has bred an underground of trolls, attackers, and downright bad people.
In October of 2012, a man known as Violentacrez—one of the biggest trolls on Reddit—was found out by Gawker. You see, he’d been posting images of scantily-clad underage girls on the Internet, which is what began the deeper investigation into who he really was. But more than that, if you found images of racism, porn, incest, or other highly offensive things on Reddit, it was almost certain Violentacrez was behind them. In fact, he created a subreddit called “Creepshots” where users posted covert photos taken of women in public—usually close-ups of their body parts. And the subreddit thrived.
Violentacrez created another subreddit called Jailbait, with the sole purpose of “creating a safe place for people sexually attracted to underage girls to share their photo stashes.” While you or I might call those people pedophiles, the subreddit called them “ephebophiles.” Violentacrez and his fellow moderators worked hard to make sure every girl posted in Jailbait was underage. They deleted any photos whose subjects looked like they were older than 16. It soon became one of the most popular subreddits on the site and the term “jailbait” was the second biggest search term for the site. Eventually it landed on CNN, and Anderson Cooper called out both Reddit and Violentacrez. The subreddit was banned—reluctantly because it’s against the Reddit terms of service to police the user content and because their community was incensed at the very idea of being “policed”—and, with it, all content featuring minors.
Lock up your children! Protect the women! Throw away the keys!
Like “real life” bullies, trolls need to get a rise out of their victims if they are to enjoy the interaction. But it’s not all as bad as Violentacrez, particularly in the business world. Yes, you will have trolls attacking you, especially as you participate more and grow your brand online. Yes, they will make you angry and emotional. Yes, they will get a rise out of you. But it’s how you handle them that makes all the difference between them feeling like a mosquito bite in the middle of summer, or them forcing your focus away from your job completely.
The best way to stop trolls is to create an environment that is unfriendly to trolling. We’ve done that on Spin Sucks by carefully cultivating a professional, kind, and smart community. We painstakingly review all comments and determine their validity. If we remove someone, we explain to everyone else why we did that, citing something in our policy the person violated. Today, the community does the rest of the work. The good news is it’s unlikely you’ll be trolled—unless you’re Coke or GE or Face-book—until you’ve built a name for your organization online. With that, hopefully, comes a community of people who adore you—or at least respect you. They’ll stick up for you, often without you having to ask.