Must Read Books:
Web of Deception

Web of Deception: Misinformation on the Internet. by Anne P. Mintz. Medford, New Jersey: Information Today, 2002. ISBN 0-910965-60-9.

Note: The following are notes from the above book. I found the book seminal, eye-opening, life-changing. I recommend that you buy and read the entire book. Only by reading the entire book will you get the whole picture. The following quotes, I hope, will whet your appetite. --Colby Glass


"The Internet's very ease of communication has manifestly not exempted it from the underside of human nature--misinformation, libelous gossip, child pornography, fraud and thievery (including theft of your very own identity), assaults on privacy, disruptive viruses, global terrorism networks, and a whole array of other crimes" (xiv).


Introduction: Lies, Damned Lies, and the Internet, by Anne P. Mintz.

"[Some people] use the new technology to support lies, deception, misdirection, fraud, spin control, propaganda, and all other forms of misinformation" (xvii).

CYBERSQUATTING - unauthorized diverting from one domain name to another, e.g., enter prochoiceresource.com and it takes you to abortionismurder.com. Cybersquatting is illegal (xix).

SCAMS - One example is an email from the IRS saying that you are being audited. It requires you to fill out a questionnaire to "avoid penalties and interest. The taxpayer is asked for his/her social security number, bank account numbers and other confidential information" (xx).

Web Sites Playing Doctor - Some sites give health advice which is incomplete, unbalanced, inaccurate, or completely wrong" (xx).

Corporate Scams - "A company can post nonexistent job openings on its Web site in order to fool competitors into thinking it is expanding into a certain area. It can use these phony job openings to solicit resumes from employees of competitor firms to see who may be unhappily employed [and why]... [and] solicit information about what that employer is working on" (xxii).

Misleading Search Engines - "..the practices of paid placement and paid inclusion without clear and conspicuous disclosure that the ads are, in fact, ads" (xxiv). Examples mentioned are Ask Jeeves, Inktomi, Alta Vista, MSNsearch, Direct Hit, iWon, LookSmart, and TerraLycos.


Chapter 1: Web Hoaxes, Counterfeit Sites, and Other Spurious Informaiton on the Internet, by Paul S. Piper.

Lip Balm Anonymous www.kevdo.com/lipbalm - about lipbalm addiction... this is paranoia and fantasy

www.gatt.org is a counterfeit site; it is really an anti-WTO site. The real site is www.wto.org.... the sites look the same, but when you start reading the material there are slight differences which make all the difference.

"... commercial (.com) sites.. slant their information toward selling a product. The information on these sites, though not false, is often misleading and needs to be taken for what it is -- an advertisement. These sites include medical and business sites.." (2).

"... [the Web] adds up to a great convoluted complex of misinformation that needs to be deciphered" (2).

www.martinlutherking.org is a hate site pretending to be an educational site. Note the content by Jesse Helms and David Duke. Note the email link is to stormfront.org, a white supremacy group. Note the link to Web design is another white supremacy group.

"The Ed Report (www.edreport.com) is a bogus government report... Purporting to be a report on an ill-fated attempt by the CIA to employ civilians (including Bruce Springsteen) with a gift for ancient languages as code-talkers on a secret narcotics mission" (5).

"Checking to see who registered a site (e.g., using register.com) is one way to determine validity, but even this approach can be tricky. For example, makah.org is registered to the Makah Nation in Vancouver, Canada, while makah.com is registered to the Makah Tribal Council, Neah Bay, Washington. Only further checking reveals that the tribal headquarters IS located in Neah Bay, Washington, and the Canadian address is a front" (5).

Institute for Historical Review (ihr.org) is a hate site trying to prove the European Holocaust never happened.

Urban Myths As News - A news story passed around the Web and picked up by the media... an example is the story that an anti-hunting group had "outfitted more than 400 deer in Ohio with orange hunter's vests in an attempt to make the hunters think that whatever was wearing the vest was a human and thus not shoot to kill" (7).

Disinformation - Disinformation is defined by the OED as "the dissemination of deliberately false information, especially when supplied by a government or its agent to a foreign power or the media, with the intention of influencing the policies or opinions of those who receive it" (8). Example... ".. the propaganda was [that] Russia had been fighting in Chechnya... From false field reports to exaggerated data, information that supported a particulate point of view was hosted on an array of Web sites.." (8). Russia, NATO, and Servia all had propaganda sites.

Sept. 11, 2001 - "..hoaxes and misleading sites were up and running quickly... email hoaxes.. charity scams" (9).

To avoid charity scams:

Good example of cybersquatting. Type in www.dangerousideas.net and you are taken to uhft.freecyberzone.com which is an anti-Bush site in Spanish.

Science and Health Misinformation -

www.globalwarming.org claims that there is no global warming... has links for student research... does not reveal the controversial nature of its information

Fictitious Sites -

New Hartford, Minnesota a fake town

Parodies and Spoofs - Such sites "can often be extremely useful to researchers looking for antithetical or alternative information" (14).

www.whitehouse.com (porn site)

www.whitehouse.org (parody site)

www.whitehouse.net (humor site)

lme.mankato.msus.edu/mankato/mankato.html depicts Mankato, Minnesota as a tropical paradise

Hatchoo (parody of Yahoo)

www.malepregnancy.com (bogus male pregnancy)

Clones-R-Us meant to foster discussion

Fake Websites a list of fake sites

"As a matter of course, one should seek a second opinion to any information found on UseNet groups, chat groups, or LISTSERVs" (17).

On the Other Hand
"Many [hoax] sites offer alternative perspectives to topics that have an almost hegemonic truth. Even so-called hate sites can provide useful information in bringing to light material that is typically censored from most public discourse" (18-9).

"Even when reading an article in the New England Journal of Medicine, it doesn't hurt to look again later on -- there may be an article in JAMA: The Journal of the American Medical Association the next month that refutes it" (19).

Where to Go For Help

Current Internet Hoaxes about urban legends and folklore.

Hoax Catalog (not comprehensive)

Scambusters (pretty comprehensive)

Urban Legends Reference Page from the San Fernando Valley Folklore Society

Hoaxbusters from CIAC - Computer Incident Advisory Capability

National Fraud Information Center

 

Counter Measures

  1. Look for clues in the URL (a tilde [~]"name" reflects a personal site and represents personal views)
  2. Look for comic or incendiary language.
  3. Look for slanted information.
  4. Check suspicious domain names with register.com.
  5. Use print sources for verification.
  6. Check underlying pages, top-level pages, and suspicious links.
  7. Regularly visit websites which post hoaxes.

If you are defrauded in the medical or medicine area, go to www.fda.gov/oc/buyonline to report the incident.


Chapter 3: It's a Dangerous World Out There: Misinformation in the Corporate Universe, by Helene Kassler.

"On New Year's Eve 1999, the dawn of a new millenium, it is estimated that a billion people worldwide tuned in to watch the global festivities on television. In the U.S., 8.6 million watched the CBS broadcasts with Dan Rather overlooking Times Square. Highly visible was the CBS logo, its all-seeing eye looking out from a building behind Mr. Rather. Few viewers realized that they were witnessing CBS erasing the competition with deceptive technology. For where the CBS logo appeared on television, in the real bricks and mortar world, an NBC peacock lit up the night on the Astrovision screen. CBS had digitally erased the competition--electronically superimposing its own virtual logo over the physical "real" display of the NBS peacock" (53).

"...today's technologies offer the corporate world, and individuals with a stake in the corporate world, more ways in which to deceive" (53).

"...an increasingly long and frightening list of companies struck by phony news stories all too quickly disseminated on the Internet" (54).

Re-direction on the Web...

www.mcwhortle.com biohazard detector-manufacturer McWhortle Enterprises... click on the "invest now" button and you get a message, "If you responded to an investment idea like this... you could get scammed!" Posted by the SEC to teach public how to avoid investment scams.

"..technologies can be used to deceive... So what is one to do? -- Diligence. Research. Verify, verify, verify" (71).

Some recommendations:


Chapter 4: The Identity/Privacy Target Zone, by Stephen E. Arnold.

"Anyone who uses the Internet without stringent privacy measures enters an "Internet Target Zone"... [where] fraud and deception can occur" (75).

"Data Mining -- A series of routines that look at data, make decisions about how the data relate, and then outputs reports driven by the content of large collections of information, collections too large for individuals to review as productively" (79).

"Talking off the record, finance and security executives say that more than 30 percent of Web credit card transactions cause some type of problem" (81).

"Stolen identity nightmares afflict about 500,000 Americans annually, and account for more than $2 billion recorded in fraud losses, with the actual figure likely much larger" (83).

"...the weak link in many systems [is] a careless employee filling "routine requests"" (84).

One example: "The thief got a copy of Feakes's birth certificate for $10 from the State of North Dakota. The con man used the birth certificate to convince the driver license clerk to create a duplicate driver's license. With the license, birth certificate, and SSN, the con man called Feakes's bank. Using the lost-my-wallet story, the con man asked for Feakes's checking account information. The con man used this information to open new checking accounts and make purchases" (84-5).

"Systems administrators can be gulled as easily as the average Internet user... the user can do everything right and still be robbed of a credit card number or worse. There are dozens of tricks a hacker can use to steal information from a server" (85).

"A crook can use utilities like those created by Blue Squirrel Software or Soft Byte Labs' Black Widow. Black Widow, which costs about $40, can scan a Web site and present found files... Black Widow is an off-line browser, a site scanner, a site-mapping tool, and a "site ripper"" (86).

".. Spector 2.1.. records PC and Internet activity, much like a camcorder, and lets the person who installed the software play back the recorded information" (87).

Twelve Tactics for Stealing Personal Information

1. "Steal a person's mail to locate credit card numbers, bank statement, etc. (most common method).

2. "Capture personal information from Internet user (Ask for information as part of a qualification for accessing a site).

3. "Place a small file ("cookie") on a user's computer that tracks the user's actions.

4. "Intercept electronic mail.

5. "Steal a laptop or notebook.

6. "Create a fake electronic commerce site, offer products at a great price, and require detailed personal information from would-be buyers.

7. "Snoop within a personal computer [gain access to your home or office].

8. "Gain unauthorized access to an online system [network] and place programs on the server to allow an unauthorized person to access the system [easy to do unless the network is properly set up and protected].

9. ""Social engineering" -- ask for the information, e.g., call the person, pretending to be from their ISP, and ask for account information in order to verify that the system is working properly.

10. "Walk up to a computer and look for passwords and logon instructions taped to the monitor, the desktop, or wall.

11. "Create a public posting in a UseNet forum. Provide a URL or link to a Web page with a form posted asking for more information.

12. "Use public information sources [some individuals and Websites provide SSNs, personal profiles, and background information for a fee]" (88).

Data Mining
"Through data mining's recursive mathematics, software can locate and identify actions that fit together. An example would be American Express's use of Cross Z fractal technology.." (90).

"DoubleClick, Engage, and AdForce... There are many data mining companies... like Cognos,... like Net Perceptions... Promotion.com... The industrial-strength programs, widely used in police and government intelligence work, are making their way into the commercial marketplace" (90).

"The Federal Bureau of Investigation (FBI) uses a system called "Carnivore" that reads electronic mail... Like other sniffers, it cannot process encrypted messages encoded with such tools as Pretty Good Privacy (PGP) or an equivalent software program" (90-1).

Types of systems which leave digital footprints:

Checklist for Preventing Credit/Identity Theft

Key information to guard from identity thieves SSN
Maiden name
Birth date
Past addresses
Driver's license number
How criminals get your data Ordering credit reports
Asking in a seemingly harmless way
Digging through garbage
Stealing mail
Snatching purses
Learning it from the victim - for ex., from resumes or genealogies posted online
Prevention Tips Don't give out your SSN unless necessary
Request your credit report regularly
Shred personal documents before putting them in the trash
Check W-2 for extra earnings (it could indicate someone else working under your name)
Victim Assistance Privacy Rights Clearinghouse
...619-298-3396
...www.privacyrights.org
U.S. Public Interest Research Group
...202-546-9707
...www.pirg.org/uspirg
Contact www. identitytheft.org
Contact the FTC at 877-438-4338
Report problem to the FBI at
...www.ifcc.fbi.gov
Contact the local police
(93).


Chapter 5: Charity Scams on the Web, by Carol Ebbinghouse.

GuideStar to check credentials of charities

Look for a Web address with "information about the organization, a directory of local affiliates or branches, contact information, and a description of the mission" (99).

Give.org Better Business Bureau Wise Giving Alliance. Lists which charities meet its standards.

CharityWatch.org American Institute of Philanthropy (AIP), a watchdog group... "It's a definite stopping point before opening your checkbook. It maintains a Rating Guide, which "gives a letter grade rating and other statistics on the financial performance of about 400 major American charities" (102).

"For less known local organizations, as well as the large ones, you might try the GuideStar site's database of over 620,000 charities" (102).

Charity Portals:

Some rules to follow before giving to a charity:

When to Suspect a Scam

  1. "If there is high pressure to contribute or if the organization only wants cash. Always make any check out to the full name of the charity, not just the initials or the solicitor's name.

  2. "If you ask for literature on the organization, beware if there "isn't time" to send written material.

  3. "If you are told you have won money or a valuable prize but never entered a competition.

  4. "If an organization wants to pick up your contribution rather than use the U.S. mail (mail fraud is a federal crime).

  5. "If you get an invoice claiming that you have made a pledge when you have not. This is illegal.

  6. "If a solicitor won't tell you if he or she works for a commercial fundraiser and is being paid. If he or she is, ask for the name of the commercial fundraiser and for proof of registration with the state. Call the charity to determine whether it authorized the solicitor.

  7. "If a solicitor threatens you, hang up and call the local consumer fraud division of your local district attorney's office and the BBB" (108).

How to Report a Scam
"First, gather all the information you can. File complaints with the Attorney General for your state, the Secretary of State, local (city and/or county) agencies with which charities soliciting in your state must register, the local (city or county) prosecutor or district attorney, as well as the FTC and the IRS" (109).


Chapter 6: How E-Commerce, Online Consumer, and E-Mail Fraud Rely on Misdirection and Misinformation, by Lysbeth B. Chuck.

"According to the University of Texas study done early in 2000, the online economy at that time generated $523 billion in revenue and employed 2.5 million Americans. According to other studies, it had also created $500 trillion in stock market values, and if "Online" were an actual country, its economy would rank 18th in the world" (113).

Quatloos!... Nigerian Scam Letter Gallery... examples of scams. "In 2001, the Secret Service estimated that in the United State alone, losses to Nigerian Letter scams amount to more than $100 million a year" (115). "..the letter is reportedly the third largest industry in Nigeria" (116).

"..according to.. Meridien Research, fraud rates of 20 percent and up are common at retail Web sites" (117).

"New Internet technology applications... like pagejacking (also known as cybersquatting) and mousetrapping, can produce revenues without the end-user ever reaching for his or her wallet.

"Pagejacking occurs when legitimate Web pages are hijacked (copied to other sites) and their traffic is then diverted to those sites. The bogus site may rake in cash by charging higher ad fees based on the number of new visitors...

"Mousetrapping occurs when a small application is sent by a site to the user's PC to disable essential functions, like the "exit" and "back" buttons in the user's browser... usually contributing to increased ad revenues for the iste by extending the length of the user's stay..." (118).

"Some comparison shopping sites tout technological advances that promise to guide buyers to the best available price, but only search retail sites that have paid fees to be included in the search, or they may return results that rank paying partners highest... [this is done by] CNET, America Online, and Disney's GO Network... MySimon.com" (118-9).

"Almost everything from investment and financial instruments to personal services can be bought on the Web, and the pitches for many of them are based on deceptive or misleading information... all types of criminal activities are booming with cyberspace" (119).

The most common Web scams (129):

  1. Online auctions -- 63%
  2. General merchandise sales -- 11%
  3. Nigerian money offers -- 9%
  4. Internet access services -- 3%
  5. Adult information services -- 3%
  6. Computer/equipment/software -- 2%
  7. Work at home -- 2%
  8. Advance fee loans -- 1%
  9. Credit card issuing -- .6%
  10. Business opportunities/franchises -- .4%

 

Checklist For Buying On the Web

"Don't buy through Web sites you've never used before unless it's easy to find the following information:
  1. "Exactly what kind of business is being operated.
  2. "The physical business address, including the country, an e-mail address, and a telephone number.
  3. "What the site is selling, with enough details that you can make an informed buying decision.
  4. "What the actual costs will be to you and how you will be expected to pay...
  5. "A return policy (including an explanation of how a consumer can return an item, get a refund or credit, or make an exchange; where the consumer should call, write, or e-mail with complaints or problems; the opportunity for consumers to keep a record of the transaction...)
  6. "A notice about the site's information collection practices, such as what personally identifiable information is collected, how it's used, and whether or not and with whom it's shared...
  7. "Information on security measures appropriate to the transactions...
  8. "Finally, Web site rating symbols for BizRate and the BBB" (143-4).

Where to Go For Help (146-7)
  1. Internet Fraud Watch -- provides tips, articles, and sources... an Online Incident Report Form to report fraud
  2. Internet Blacklist -- "the only search engine that tells you where NOT to go"... Anonymous reports of scams and bogus sites -- no verification is done -- "solely an unmoderated forum for people to express their opinions regarding online companies and their practices" (147).
  3. FirstGov for Consumers from the Federal Trade Commission
  4. Quatloos! warnings about tax frauds and financial frauds


Chapter 8: How to Evaluate a Web Site, by LaJean Humphries.

"First, always be skeptical... Question everything... Don't check your common sense at the keyboard" (165).

Factors to Consider:

1. Who Wrote It?

"If you cannot determine the author and the author's authority, you may want to question the information on that web page" (166).

Ways to find out about the author:

2. Who Published It?

Government agencies, universities, major trade associations, and "publishing companies that are familiar names in the nonvirtual world" (167) are usually the best sources of quality information.

3. Is the information current, accurate, and complete?

"Currency may not matter for some things" (167).

Check accuracy against other sources ("second opinion").

Check completeness against other sources.

4. Is the information presented in an objective manner?

"Some sites clearly state, "Our mission is..." or "Our purpose is to..." You should not have to guess at the purpose of a Web site" (168).

5. How often is the site updated?

6. Is the document well written?

"Sloppy writing indicates sloppy thinking... Not all high-quality writing reflects accuracy, reliability, and currency, but the lack of it is a good clue in evaluating the content as well" (169).

"Looks can be deceiving" (169).

 

Web Review Sources:

 

Evaluation Checklists and Tutorials:


Chapter 9: The Searching Quagmire, by Susan Feldman.

Deceptive Advertising Practices... "Some major search engine companies.. deceptive advertising for placing ads in search engine results without clear disclosure that the ads are in fact ads... named Alta Vista, AOL, Direct Hit, iWon, LookSmart, Microsoft, and Terra Lycos" (175-6).

"...some of the largest search services are providing results in which more than half their listings are paid links... GoTo.com (now Overture.com)... NBCi and Go.com" (176-7).

See www.payperclicksearchengines.com/ for more information.

"...some search engines sell higher rankings to sites that pay for being returned" (177).

"Spamdexing (manipulation of metatags and text by Webmasters) in order to obtain high rankings or inappropriate listings" (177).

".. delayed indexing of scientific research can lead to the duplication of work; and delayed or biased indexing may affect social or political decisions" (177).

"Not all inexplicable results are due to misleading or deceptive advertising practices, however" (178).

Misconceptions that lead us astray:

  1. "The whole Web is crawled.
  2. "All search engines search the same set of Web pages.
  3. "AND should find more results than OR.
  4. "All search engines work the same.
  5. "Search engines search the actual page at the time of searching.
  6. ""Advanced" features (i.e., Boolean queries) are the best way to search and will get you everything that is relevant to your question.
  7. "Directories and search engines are the same thing" (181).

1. The whole Web is crawled.

"... there are over a billion pages on the Web" (181).

"To add to the confusion, about 50 percent of the World Wide Web is not publicly or easily available... Some pages are hidden behind firewalls... Any text formatted as a flat ASCII file or contained inside a database will also not get indexed... called the invisible web" (182).

"Even so, only a small percentage of the Web pages are crawled... Each search engine searches a different database, which is one reason why results can differ so wildly" (183).

2. All search engines search the same set of Web pages.

"Studies by Greg Notess (www.notess.com) and by Steve Lawrence and C. Lee Giles (www.wwwmetrics.com) have demonstrated that each search engines searches a fraction of the Web. These separate slices of the Web rarely overlap between search engines" (183).

The lesson here is to search several search engines.

3. AND should find more results than OR.

"Many searchers expect that AND will yield more results than OR, since that is the way that we use those words in plain English ("one Dog AND one Cat = two Pets"). But in Boolean searching, the AND requires that all connected terms must occur in the same document. Therefore, "one document mentioning Dog AND one document mentioning Cat may = zero documents" since neither document mentioned both animals" (183).

4. All search engines work the same.

"If you haven't found the information you seek in the first 30 or so documents, or it appears that the search engine has misinterpreted your question, then change the query or change the search engine you use. It is quite possible that you are seeking information that is not indexed by that particular search engine" (185).

5. Search engines search the actual page...

"Search engines search their index, not the actual page that appears on the Web, when they answer a query. It would take too long for them to go to each page and search it separately" (185).

6. "Advanced" features are the best way to search.

"Web search engines were designed to improve Boolean searching. The idea is that most people are searching for something that they have trouble decribing because they don't know very much about the topic. If you are an expert and you know what you are looking for, a Boolean query can be the riht approach. However, tests over the years show that a good query that uses many synonyms can often be more successful, even if you are looking for a specific title, so try that approach first" (185).


Chapter 11: Remedies for Intentional Misinformation, by Carol Ebbinghouse.

To verify a Web site's ownership:

For compaints about securities or stock fraud:

About Trade, retail, or consumer misinformation or fraud:


Endnote: What a Tangled Web We Weave, by Barbara Quint and Anne P. Mintz.

"The deception on the Web occurs exponentially faster than what we have experienced in the past, and makes us more vulnerable to unverified information" (229).

"Mundus vult decipi; ergo decipiatur" (Roman epigram -- The world wants to be deceived; let it therefore be deceived)(230).

"...the right answer may lie in other formats. Dare we say it? The answer could lie inside a journal article, a newspaper column, a print index to specialized subject matter, or even [a] book!... Sometimes such answers are not only better, but faster and cheaper" (233).


Please send comments to: Colby Glass, MLIS

Return to Philosophy Homepage