Thursday 29 August 2024
After half-a-million views, "Dr Noakes" erection dysfunction "advert" taken down by Facebook + suggested actions for META to do better
I am pleased to report that The Noakes Foundation has succeeded in getting a fake 'Dr Noakes' advert for erectile dysfunction pills removed from META. This is after a month of trying varied methods without success to stop the brandjacking of Professor Tim Noakes' identity, and his impersonation via deepfake reels and accounts on Facebook.
On Thursday the 25th of July we were first alerted to a deep fake advert featuring Emeritus Professor Tim Noakes that ran on META's Facebook, and Tik Tok. As Figure 1 shows, the Facebook advert had been viewed over 584,000 times, liked by 637 accounts, and received 56 comments. While much of the likes and comments may be from bots, such high viewership of the reel itself is highly concerning. It suggests how rapidly a cybercriminals' adverts spread to potential victims- at over 16,000 views per day!
This account was reported to Facebook via a third-party. During this “warning period”, the account's owners launched four new "Dr Tim Noakes" campaigns. Each was documented and reported to Facebook. Interestingly, the links to the online store “sites” were dead ends. However, a 'Call Now' button could still support a call agent's phishing of victims financial details.
The scammers flick-flacked between varied accounts in committing this cybercrime- they initially used "Hughles" (Figures 6 and 7), "Cameron Sullivan Setting", and "Murthyrius" in launching the same deepfake ads. By the 28th of July, 13 of these "adverts were taken down by Facebook, but the scammers shifted to new accounts, "Longjiaren.com" (Figure 8) and "Brentlinger" (renamed "Brentlingerkk" after we reported it). On the 29th of August, these accounts and their adverts were disabled by Facebook.
Such adverts typically reach viewers outside The Noakes Foundation, Nutrition Network and Eat Better South Africa’s networks. Their audiences know Professor Noakes does not endorse miracle weight loss and other cures. To reach vulnerable publics, The Noakes Foundation has run Facebook alerts to warn about this latest cybercrime. Ironically, the most recent advert attempting to flag the "Dr Noakes" scam was blocked by Facebook advertising (Figure 9)!
Brandjacking is the ‘allegedly illegal use of trademarked brand names - on social network sites’ (Ramsey, 2010 p851). Cybercriminals misuse the trademarks of others without authorization. For example, ‘Facebookjacking’ and ‘Instajacking’ see public figures’ usernames, account names, and/or digital content being used for fake accounts and video "adverts" on Meta’s respective popular social networks- Facebook and Instagram. Such brandjacking via fake celebrity endorsement spans several types of crime: (1) Impersonation, (2) Non-consensual image sharing, and (3) the Infringement of a public figure's intellectual property through copyright violation of still images and audio-video. In addition to causing (4) Reputation damage to the public figure through suggesting association with a scam, cybercriminals may use it for (5) Financial fraud and hacking. Given that these are serious crimes, it is worrying that public figures in South Africa seem to receive minimal, if any, support from social media companies for stopping the fake endorsement digital crime. There is also a gap in scholarship for how public figures worldwide, and in SA, might best tackle this persistent crime.
Figure 1. Screenshot from the fake 'Dr Noakes' erection dysfunction advert on Facebook (2024) |
Figure 2. Screenshot of scammers' Facebook account featuring "Dr Tim Noakes" erection pill adverts (2024) |
Figure 3. Scammer account location behind fake Facebook Dr Tim Noakes adverts (2024) |
Our initial Facebook advert lookup revealed that one page was running four adverts (Figure 2). This account ("Tristan") was managed from Nepal and India (Figure 3).
Figure 4. Screenshot of fake Tristan account header behind Dr Tim Noakes adverts on Facebook (2024) |
This fake account page also leveraged fake interactions to suggest that it was liked, and followed (Figures 4 and 5).
The absence of a link for data gathering suggested that this scam was primarily not for phishing such sensitive data, or selling fake products. Rather the advert's design seems geared for stealing advertising revenue via deepfake creation. The scammers hack into the "advertiser"'s Meta account to distribute fake adverts that run up tens-of-thousands of dollars in spend. In this case it was a government-based account from an unknown location. Such adverts may also carry malware, with users clicking on them being vulnerable to hacking. These paid ads also have the impact of pushing potential followers to the advertiser’s page. More followers results in more people seeing the content, and Meta indirectly benefiting from the cybercrime's increased visibility by achieving higher advertising rates.
Figure 6. Screenshot of scammers' "Hughles" Facebook account (2024) |
The scammers flick-flacked between varied accounts in committing this cybercrime- they initially used "Hughles" (Figures 6 and 7), "Cameron Sullivan Setting", and "Murthyrius" in launching the same deepfake ads. By the 28th of July, 13 of these "adverts were taken down by Facebook, but the scammers shifted to new accounts, "Longjiaren.com" (Figure 8) and "Brentlinger" (renamed "Brentlingerkk" after we reported it). On the 29th of August, these accounts and their adverts were disabled by Facebook.
Figure 8. Screenshot of Longjiaren.com scammers Facebook account for fake adverts (2024) |
Such adverts typically reach viewers outside The Noakes Foundation, Nutrition Network and Eat Better South Africa’s networks. Their audiences know Professor Noakes does not endorse miracle weight loss and other cures. To reach vulnerable publics, The Noakes Foundation has run Facebook alerts to warn about this latest cybercrime. Ironically, the most recent advert attempting to flag the "Dr Noakes" scam was blocked by Facebook advertising (Figure 9)!
Actions for META to do better in fighting cybercrime on its platforms
As Anna Collard (KnowBe4) spotlights in her recent interview with eNews, social media platforms are a vital source for news in Africa. Consequently, these platforms must be held more accountable for any slow responses to synthetic- and deep-fakes. It is greatly concerning that META's Facebook platform is so rife with many serious crimes (ranging from sextortion and child-trafficking to drug pushing).
META can be more pro-active in tackling such cybercrimes {plus less serious ones like fake celebrity endorsement}, by prioritising these seven steps below:
1) Actively communicate that all users' must have a 'zero trust' mindset;
2) Create a compliance team that is dedicated to thwarting cybercriminals' activities;
3) Offer at least one human contact on each META platform for serious reports of criminal misuse;
4) Promote frequent reporters of cybercrime by referring them to META's Trusted Partners or Business Partners for rapid aid;
5) Encourage external research on every platform regarding cybercriminals' activities (such initiatives could develop inexpensive tools. For example, for celebrities' reps to protect public figures from being deep faked in "adverts");
6) Provide more feedback on what was influential in reporting cybercrime for accounts and content to be removed. Without such feedback, fraud reporters may not be sure which reports are most effective;
7) Have a recommendation system in place for support networks that cybervictims can approach (such as referring South Africans to its national CyberSecurity hub).
2) Create a compliance team that is dedicated to thwarting cybercriminals' activities;
3) Offer at least one human contact on each META platform for serious reports of criminal misuse;
4) Promote frequent reporters of cybercrime by referring them to META's Trusted Partners or Business Partners for rapid aid;
5) Encourage external research on every platform regarding cybercriminals' activities (such initiatives could develop inexpensive tools. For example, for celebrities' reps to protect public figures from being deep faked in "adverts");
6) Provide more feedback on what was influential in reporting cybercrime for accounts and content to be removed. Without such feedback, fraud reporters may not be sure which reports are most effective;
7) Have a recommendation system in place for support networks that cybervictims can approach (such as referring South Africans to its national CyberSecurity hub).
In addition, META might consider these suggestions from The Noakes Foundation's Report Fake Endorsement initiative, to: (8) enhance deepfake detection technology, (9) apply stricter verification processes, (10) increase transparency and reporting tools, (11) support local educational initiatives, (12) promote collaborations with local cybercrime experts, (13) implement proactive monitoring systems to detect unusual patterns in ads, and (14) reinforced consequences for violations.
By sharing this "Dr Noakes" case study (and developing others), The Noakes Foundation hopes to raise awareness of the fake celebrity endorsement cybercrime, plus the importance of Big Tech guardians stepping up to fulfil their responsibilities. We are also liaising with sympathetic allies (KnowBe4® Africa Security Awareness, Orange Defence, Wolfpack Information Risk and others) to grow the networks necessary to better support cybercrime prevention in South Africa.
Much can be done for targeted digital literacy education for vulnerable targets of cybercrime (such as #StopTheScam for silver surfers). We will also continue advocating that capable guardians (such as META, Twitter and TikTok) become more pro-active in protecting vulnerable publics on their platforms. Their gatekeeping role is vital, as the traditional bulwarks against crime (education, the police and the law) seem unable to catch-up with the "evolution"of global cybercrimes!
Labels:
advert
,
brandjacking
,
celebrity
,
cybercrime
,
endorsement
,
Facebook
,
fake
,
META
,
research
,
scam
Location: Cape Town, Western Cape Province, RSA
Cape Town, South Africa
Thursday 22 August 2024
META profits off fake celebrity endorsement ads (& no, "Dr Noakes" cannot help your erection problem 🙄!)
Yes, the "Dr Noakes" advert below for men’s erection problems is the latest brandjack of Prof Noakes' identity on Facebook (and Tik Tok). So-called "Bretlinger"'s recent deep fake advert (Figure 1) features "Tim Noakes" promising a "second youth" through "science" for those suffering from erectile dysfunction. This Facebook reel is accompanied with the text; 'I've done this three times – and for five years now, I haven't had any issues with erectile dysfunction. Write down my prescription from Dr. Tim Noakes: an easy way to restore your manhood in seconds.' (Don't expect many men will be reporting to Facebook, or publicly commenting for being scammed with this particular health problem 😡).
Figure 1. Screenshot of fake "Bretlinger" company's advert reel for "Dr Noakes" erection product on Facebook (2024) |
The Noakes Foundation and friends have reported this cybercriminals'* advert many times to META. BUT guess what, just like R Kelly... META Facebook's bots and human reviewers "do not see anything wrong" with the ad! Apparently adverts stealing a person's reputation, plus Facebook users' hard-earned money is no problem for META, since the scam is not going "against Facebook's community standards" (Figure 2).
Figure 2. Facebook support message reply to fake "Dr Noakes erection advert" report (2024) |
Even if Facebook is just a conduit for sharing ads that are strictly the advertiser's responsibility, META still faces a legal risk in benefiting from crime (receiving "advertising" fees repeatedly!). For several months, The Noakes Foundation's representatives have provided a third-party with spreadsheets of scam accounts and hyperlinks for META's reference. This seemed effective in blunting the persistent brandjacking of Professor Tim Noakes' reputation across Facebook and Instagram. However, META has shifted position and will no longer use these spreadsheets. Paraphrasing, META thinks that 'none of the adverts are threatening or will lead to grievous bodily harm or death'.
As previously described for Twitter (now X), there is a familiar pattern of popular social media platforms turning a blind eye to cybercriminals' creation of imposter accounts to launch phishing attacks via fake adverts. Our preliminary research (2022-23) revealed that Facebook and Instagram were the most popular platforms reported by the financial victims of the Dr Michael Mol and Tim Noakes brandjackings. Cybercriminals are now also making use of Tik Tok for widespread promotion of the "Dr Noakes' erection solution'. While their earlier brandjacks have used synthetic content, the latest feature deep fake videos of Tim speaking for most of the "advert".
As "Tim's" Facebook advert is accompanied by negative comments from victims (such as "You stole my money!") it is seems inconceivable that a genuine, impartial, humane reviewer can argue that such scamming content is "acceptable". * Perhaps an alternate explanation is that META is following orders from powerful outsiders in not applying its own policies! In exploring the patterns of this cybercrime's victims, it is notable that low-carbohydrate experts were targeted across continents. Amongst the fake advertising for them, Emeritus Professor Tim Noakes' stands out for his likeness/reputation having been re-used the most. It is not unrealistic to hypothesise that Western intelligence agencies may ask social media platforms to ignore content that degrades the reputations of prominent state propaganda critics. Dr Piers Robinson suggested this hypothesis based on experiences in facing character assassination via corporate media after setting up the Working Group on Syria, Media and Propaganda. It stumbled upon a strategic deception, perpetrated by the US, UK and French governments, regarding chemical weapons attacks in Syria, and their improper investigation. As Piers tweeted, 'from detaining and interrogating journalists such as Julian Assange, Richi Medhurst, Vanessa Beeley and Kit Klarenberg, through to smearing/character assassination across social media against Sharyl Attkisson, there are a myriad of ways used to suppress dissent.'
Prof Noakes has also faced character assassination after publicly challenging health propaganda related to "The Science"™ behind the US government's (high-carbohydrate-promoting) food pyramid, plus the worldwide promotion of (poorly/untested) COVID-19 genetic "vaccinations". Perhaps META's repeated failure to block these adverts is not an oversight of its responsibility to its users, but rather deliberate in following external directives. Worse, some scams may not be just the work of cybercriminals, but also be supported by intelligence agencies experimenting with fake endorsements as a new tool in their character assassination arsenal?!
In an interview on the Deepfake content 'explosion', a Facebook spokesperson recently stated that 'Content that purposefully intends to deceive or exploit others for money violates our policies, and we remove violating content when its found.' Interestingly, this spokesperson did not detail what META's response is to content being reported. There is also a missed opportunity to check whether the Facebook response to the reported victims and their representatives (Leanne Manas, Patrice Motsepe, Elon Musk, Nicky Oppenheimer, President Cyril Ramaphosa and Johann Rupert) actually corroborates this PR claim. In the case of the Noakes Foundation and Prof Noakes, certainly not!
Regardless of the scam's sources, The Noakes Foundation, its associates and I will continue to raise public awareness (via reportfakeendorsement.com and other channels) against fake celebrity endorsement ads. Such activism helps the general public develop zero trust in any "endorsements". These are NO endorsements from Professor Tim Noakes (or his associates at The Noakes Foundation, the Nutrition Network and Eat Better South Africa NPC). We will continue to research and advocate for social media platforms to take pro-active steps for preventing a decade long micro-fraud. It costs vulnerable South Africans millions of Rands each year, whilst also harming celebrities' reputations-and-wellbeing.
Online companies and social media platforms must do more to protect vulnerable audiences from fraudsters. Ironically, The Noakes Foundation's recent post warning about the latest scam has a comment section that then gets used as the next fraud trap. Scammers offer "help" to victims on it, promising that they can "find the criminals" and get a victim's "money back". These FB accounts may be bots that are automated to add comments to posts featuring tags such as 'hack(ed)', 'scam(med)', 'deepfake', etc.
Figure 3. Screenshot of The Noakes Foundation scam alert post on Dr Noakes scam with scammer comments, top (2024) |
This scam alert attracted 16 comments, almost all of which seem dubious. Whilst the comments seem to be from "individual" accounts, they may also be synchronised from a "bot farm" to reduce a post's visibility. On X, tweets that are replied to by dodgy accounts are algorithmically penalised by being adding to a blacklist. If true on Facebook, then this co-ordinated commentary might also be evidence of a malicious actor trying to reduce the visibility of The Noakes Foundation's response to a scam.
Figure 4. Screenshot of scammer comments to The Noakes Foundation's scam alert post for the Dr Noakes scam, bottom (2024) |
META's Facebook and Instagram do not offer its public page managers any option to quickly respond to a barrage of scammy, fake comments. As a result, in addition to responding to fake ads, organisations must also use scarce resources to manage this scammy commentary. Each dodgy Facebook user's comment (Figure 4) must be- hidden and reported (as false information) one-at-a-time. Likewise for blocking each account, and hiding their feed. The Noakes Foundation is going to flag to META that it must provide page administrators with decent tools to efficiently tackle the 'fake comments' threat. Let's just hope that META is not turning a blind eye to that threat, too...
To paraphrase ALIEN's Ash synthetic's sardonic comment to humans faced confronting the Xenormorph threat, 'I can't lie to you about your chances, but you have my sympathies... in dealing with META (and the CIA)!'
Figure 5. ALIEN Ash sympathies meme |
Subscribe to:
Posts
(
Atom
)