Online identity theft is a frightening real crime, even though it happens online. In this article, Ukrainian journalist Valeria Kovtun, currently an LSE MSc student, gives her first-hand experience of the struggle to stay secure on social media.
“Hi, this is all weird, but I have just stumbled across your profile, which is probably not yours.”
I received this message from one of my Instagram followers. She attached a screenshot of a profile of ‘Eliza Ostrovskaya’, where all pictures and texts were mine. I panicked.
Someone had stolen my data from Instagram and Facebook to create a fake identity. That profile had around 300 followers and was actively posting stories, replying to messages and comments. Moreover, it later turned out “Eliza” had created a CV claiming to be a journalist from Ukraine who graduated from LSE and was based in New York.
Instagram removed this fake account within seconds after I reported it. But the fears remained: all my social media profiles are private which means my data was stolen by someone who I myself had approved. Who knows how many more fake profiles with my data might be there on the Internet and what for?
The Illusion of Privacy?
This situation made me question the notion of privacy on social media: is it an illusion? Once you are registered, the data you voluntarily share no longer belongs only to you. The action of sharing itself suggests you are giving a consent to someone else using your pictures, videos and texts. Even if the number of people who can view your posts is limited, your privacy is still at stake as you can hardly make sure everyone from your friends list is adhering to the code of ethics.
Protecting your privacy by abstaining from any activity on social media, on the other hand, means depriving yourself of a variety of gratifications. The benefits of being an active user, such as popularity, creating bonds, getting emotional support and gaining social capital often mean privacy concerns are compromised. Data scientists call it ‘privacy paradox’, when there is a clear discrepancy between users’ behaviours of disclosing personal information and their fears about data theft. In other words, we are expressing the need for privacy but at the same time cannot stop sharing.
Protecting data online has always been one of the valid concerns among users but there is still no effective and quick mechanism to identify and punish data thieves. If your account is being hacked or your data misused your first action would not be calling the police, even though this is considered a crime. You are more likely to be left alone to fight with a thief and reclaim ownership of your identity.
Staying Alert
Last year, in the middle of the night I received a notification that I was logged out of my Gmail account. A hacker changed the backup email and the phone number in the settings so that I could not retrieve the password. In panic, I rushed to Google asking for help. Yet Google only had recommendations as to how to protect my account rather than how to retrieve access once it is hacked.
In a few minutes, I received another notification, this time from Facebook, warning me of some suspicious activity. I immediately changed the email address linked to Facebook but the hacker was already there continuously trying to reset the settings. The battle was ongoing for half an hour until Facebook blocked my profile. Miraculously Google identified a hack and allowed me to verify my identity and change the password. Next day, I learnt that many of other Ukrainian journalists’ accounts on Facebook had been hacked the previous night. Some of them told me they were blackmailed: hackers threatened to share their sensitive information.
After this incident, I made all my accounts more secure. With the lack of regulation on social media, prevention seems to be the most effective tool to fight hackers and protect your data. If you are an active user with a wide network, there is nothing social media can suggest to insure you against identity theft. Instead, these companies are heavily relying on users to report suspicious activity and help alleviate frauds on the platforms. If my Instagram follower hadn’t messaged me about that fake account, I would probably have never learnt about its existence, and so would not have reported and removed it. ‘Staying alert’ is as necessary on the internet as it is in real life.
This article by Ukrainian journalist Valeria Kovtun, currently an LSE MSc student in the Department of Media and Communications.
