421

Spoofing Life: Reality Altering Technologies Enable Crime

As we come to rely more and more upon technology as a filter for our own life experiences, opportunities to bend reality abound.  In theory, none of this is new.   Ask anybody who has ever been on an online dating site and they will tell you what you see is not always what you get.  Yet as technology plays an ever-increasing role as an intermediator for our daily experiences, those who control the technology can control our experiences.  These changes have some significant implications for crime and social disorder in the 21st century.

 

Phishing emails routinely take users to websites that appear to be genuine, but are in fact controlled by organized crime.  Unsuspecting victims enter their personal banking details and are defrauded shortly thereafter.  Pedophiles pretend to be teenagers, creating extensive fake online profiles in order to lurk in chat-rooms popular with young adults and to contact them.  The creation of hundreds of thousands of blogs has turned the common man into a broadcaster, making it harder to judge the quality and veracity of the news.  Is the story about the latest celebrity death real or is it rumor?  The stories look real and official.  Perhaps they are true?  Of course one false story about a company’s latest quarterly financials is enough to move markets and create a financial fraud costing victims billions of dollars.

 

As noted below, there are now a number of software applications that have been created to “spoof” or alter the caller identification on outbound mobile phone calls.  While there are relatively benign uses of these technologies, (like playing jokes on other teenage friends), there can also be potentially deadly consequences. 

 

In a phenomenon known as “Swatting,” criminals have been able to telephone police 911/emergency phone systems with spoofed telephone identities and reporting non-existent crimes resulting in the response of heavily-armed police SWAT units to various locations.  In many cases, the offenders placed calls that appeared to come from legitimate addresses several states away and reported ongoing kidnapping or hostage scenarios in progress.  Using these technologies, it was possible for a man in Ohio (USA) to use a spoofed phone identification to report a nonexistent hostage crisis, sending armed police bursting into the homes of innocent people.

 

Spoofed phone numbers can also allow criminals access to the voice-mail systems of others.  Since many mobile phone carriers do not require a password to enter one's voicemail box when calling from the account's associated phone number, a spoofed caller ID means criminals can listen to the phone messages of others without authorization.  Valuable information could be obtained regarding pending business transactions, mergers and acquisitions and even personal medical data.  Noted celebrities have also been accused of abusing this technology to gather gossip on rivals.  From a social engineering perspective, telephone spoofing creates a powerful tool for the criminal mind.

 

A spoofed telephone call to a company’s IT-Department requesting a system password or the latest WiFi WPA key, is much more likely to be successful if the call appears to be emanating from within the company’s own telephone infrastructure (internal to the company).  Of course this particular technique is not new.  Even 15 years ago, fax machines allowed their owners to enter any particular information they desired for identifying the machine and its originating phone number.  What is changing however, is the pervasive use of technology and the widespread means to alter the user experience in real time.

 

Researchers at Stanford University’s Virtual Human Interaction Lab have done extensive research on human behavior in virtual spaces and have presented a number of techniques to alter in an instant how our virtual selves are presented to others.  The implications for future forms of criminality are noteworthy as evidenced by these experiments.  For example, it is widely known that people in traditional human-to-human interactions tend to have greater trust in people who look, sound and act just as they do.  That is to say, generally speaking, all things being equal, somebody would likely more trust and believe in somebody of their own race, gender or age, than somebody who differed in these characteristics.  As such, it is possible to alter one’s appearance, depending on the appearance of others. 

 

Thus if I wanted to sell an individual a life insurance policy, I would have a better chance of making the sale if I emulated the physical characteristics of the person to whom I was selling.  This is hard to do in real life, but easy to do with an avatar that mimicked a target’s own movements and appearance in order to gain their trust.  Con men have been doing this for years.  Now, however, the entire process can be done in real time through computer scripting and AI.

The relevant “take-home” message is that in the future, seeing something with your own two eyes and hearing it with your own ears, may not mean that it is real or actually occurred. 

 

Entertainers long deceased, such as Elvis, Marilyn Monroe and Humprey Bogart have been resurrected in digital form and are being used in commercial advertisements to sell a wide variety of products, often without the permission of the entertainer’s estate.  Since there is enough video and photographic footage of these famous individuals, their likeliness can be appropriated, or misappropriated as the case may be, and made to do or sell anything.  As more and more non-celebrities, including your parents, children or spouse, post their own photos and videos online on sites such as Flikr, Picassa, Facebook and Youtube, what is to prevent an unscrupulous individual from taking them an repurposing them for criminal purposes, (such as threatening the rightful owner with the release of a highly realistic, verisimilitudinous pornographic creation unless financial extortion demands are met).

 

Rapid advances in virtual reality technologies will only exacerbate this problem.  For example, researchers at the Stanford University VHI laboratory were able to show that children immersed in virtual reality environments were unable to distinguish between what happened in the real world and what happened in VR.  The Stanford report entitled Virtually true: Children’s acquisition of false memories in virtual reality, showed that when a realistic avatar of a child’s own image was shown swimming undersea with a whale, the children believed and reported that in fact they actually did swim with a real whale.  The subjects in the study did not experience the time with the whale as anything other than a real undersea play-date with an actual whale.  This raises significant opportunities for the planting of false memories in child sexual abuse cases, among a wide variety of additional crimes.

 

As author Dean Koontz has noted, "In a world that daily disconnects further from truth, more and more people accept the virtual in place of the real, and all things virtual are also malleable."  Moving forward, technologies that alter reality will open the door to entirely new classes of crime as malicious actors deftly exploit the old adage that perception is reality.

comments powered by Disqus
×