The use of social media by both individuals and organizations has grown immensely in the past few years, fuelled by a combination of greater internet access and smart mobile devices. The three most popular websites, Facebook, Twitter and Instagram, are regularly used by many millions of people, all with the purpose of ‘social networking’, connectivity, enabling people to express themselves and interact – using the internet as a platform for doing so. However, a minority of those in society using social media create problems that may come under the umbrella of criminal liability.

A criminal offence defines an act, or omission, that is so harmful that the wrongdoing is deemed to be against the state rather than an individual who has suffered as a result of a particular act. As a result, the state investigates and prosecutes those alleged of such wrong doing, and upon conviction by a Court, the state imposes a punishment by depriving the perpetrator of their liberty, fine and other means. There have been differing views as to whether harmful acts committed using social media are new acts, or whether they are already prohibited by current legislation but committed in the new forum of social media. It appears that the House of Lords are persuaded by the latter of the two approaches, noting that the ‘social media platform is simply a medium for human beings to behave or misbehave’. On that basis, it is evident it was not deemed necessary nor appropriate to create a new set of offences specifically for acts committed using social media and alike. [1]

What is Social Media Forensics?

The application of computer investigation and analysis techniques to gather evidence from online sources and social networks suitable for presentation in court of law.

Types of Social Media Crimes:

  1. Online threats, Stalking, Cyber bullying
  2. Virtual Mobbing
  3. Trolling
  4. Revenge porn
  5. Hacking and Fraud
  6. Buying illegal things
  7. Identity theft
  8. Vacation Robberies
  9. Posting Video of criminal activity
  10. Social engineering & Phishing, etc. [2]

Sources of Social Media Evidences:

  1. 200+ social media outlets
  2. 800+ online services
  3. Blogs
  4. Company and Personal websites
  5. Group, club or special interest forums
  6. Archival sites

Examples/Case Studies:

  1. In 2008, hackers sent messages to Facebook® users stating, “Hey, I got a new Facebook account. I’m going to delete this one, so add my new profile.” Upon clicking the hyperlink to add their friend’s new account, the users were sent to a phishing page that was designed to collect their user information. The page looked identical to a Facebook® login page; however, the URL was view-facebookprofiles.com, which is not a subdomain of Facebook® and is one of the telltale signs of a phishing page. However, most people did not recognize this, and potentially thousands of Facebook® users had their accounts compromised by giving away their usernames and passwords. This was not the first attempt at phishing on Facebook®, but it was certainly one of the most coordinated and stands as classic example of phishing.
  2. In 2007, the dangers of cyber bullying were brought to light when a teenage girl, Megan Meier, committed suicide when it was revealed that a boy she admired on Myspace® was actually a classmate’s mother antagonizing the teenager for being different.33 The mother, Lori Drew, allegedly communicated to Megan as “Josh” for over one month and then abruptly ended the relationship. Megan committed suicide the same day. Lori Drew was convicted of computer fraud and abuse, but was acquitted for Meier’s death.
  3. In 2009, Justin Brown was arrested for impersonating a model named Bree Condon on the dating site Seekingmillionaire.com. Unlike many scams perpetrated on social networking sites, Mr. Brown impersonated a real model and assumed her real name. Ms. Condon hired a private investigator who ultimately alerted police to the fraud that her name, likeness, and professional photographs were being used in the scam until Mr. Brown was arrested. Investigators later learned that Mr. Brown had phone conversations with wealthy men in exchange for money and gifts (iPhone® and $15,000 cash). The scam is an exception considering the care that Mr. Brown took and demonstrates what can be perpetrated by a lone individual. Mr. Brown said that he created a plausible biography of Ms. Condon by using her online biographical information. While the following did not occur on a social media site discussed yet in this paper, the exact scenario could happen on any social networking site.

Prevention Methods:

While it’s impossible to completely safeguard yourself from being victimized online, the following tips can give you reasonable protection from being victimized on a social media site.

  1. Use caution when you click links that you receive in messages from your friends on your social website. Treat links in messages on these sites as you would links in email messages.
  2. Know what you’ve posted about yourself. A common way that hackers break into financial or other accounts is by clicking the “Forgot your password?” link on the account login page. To break into your account, they search for the answers to your security questions, such as your birthday, home town, high school class, or mother’s middle name. If the site allows, make up your own password questions, and don’t draw them from material anyone could find with a quick search.
  3. Don’t trust that a message is really from who it says it’s from. Hackers can break into accounts and send messages that look like they’re from your friends, but aren’t. If you suspect that a message is fraudulent, use an alternate method to contact your friend to find out. This includes invitations to join new social networks.
  4. To avoid giving away email addresses of your friends, do not allow social networking services to scan your email address book. When you join a new social network, you might receive an offer to enter your email address and password to find out if your contacts are on the network. The site might use this information to send email messages to everyone in your contact list or even everyone you’ve ever sent an email message to with that email address. Social networking sites should explain that they’re going to do this, but some do not.
  5. Type the address of your social networking site directly into your browser or use your personal bookmarks. If you click a link to your site through email or another website, you might be entering your account name and password into a fake site where your personal information could be stolen.
  6. Be selective about who you accept as a friend on a social network. Identity thieves might create fake profiles in order to get information from you.
  7. Choose your social network carefully. Evaluate the site that you plan to use and make sure you understand the privacy policy. Find out if the site monitors content that people post. You will be providing personal information to this website, so use the same criteria that you would to select a site where you enter your credit card information.
  8. Assume that everything you put on a social networking site is permanent. Even if you can delete your account, anyone on the Internet can easily print photos or text or save images and videos to a computer.
  9. Be careful about installing extras on your site. Many social networking sites allow you to download third-party applications that let you do more with your personal page. Criminals sometimes use these applications to steal your personal information. To download and use third party applications safely, take the same safety precautions that you take with any other program or file you download from the Web.
  10. Turn the geo-tagging feature off. This is the most direct solution and you can find out how to do this for most phones. [3]

References:

  1. Social Media- new and emerging crimes are committed online’ [Online] (https://www.leathesprior.co.uk/news/social-media-new-and-emerging-crimes-that-are-being-committed-online) Accessed on 26/7/2018.
  2. Types of Social Media Crimes’ [Online] (https://blogs.findlaw.com/blotter/2017/02/5-common-types-of-social-media-crime.html) Accessed on 26/7/201.
  3. ‘Criminal Use of Social Media (2011)’ [Online] (https://www.nationalpublicsafetypartnership.org/clearinghouse/Content/ResourceDocuments/Criminal%20Use%20of%20Social%20Media.pdf) Accessed on 29/7/2018.