Internet vigilantism

Methods

The following are methods of Internet vigilantism that have been used or proposed for use:

Scam baiting

Scam baiting is the practice of feigning interest in a scam in order to manipulate the scammer behind it. The purpose of scam baiting might be to waste the scammers' time, embarrass him or her, cause them to reveal information which can be passed on to legal authorities in the hope that they will be prosecuted, get them to spend money, or simply to amuse the baiter.

Scam baiting emerged in response to e-mail based frauds such as the common Nigerian 419 scam. Many websites publish transcripts of correspondences between baiters and scammers, and also publish their "trophies" online, which include videos and images scam baiters have obtained from scammers.

Public shaming

The social networking tools of the World Wide Web have been used as a tool to easily and widely publicize instances of perceived anti-social behavior.

David Furlow, chairman of the Media, Privacy and Defamation Committee of the American Bar Association, has identified the potential privacy concerns raised by websites facilitating the distribution of information that is not part of the public record (documents filed with a government agency), and has said that such websites "just [give] a forum to people whose statements may not reflect truth."

After some controversial incidents of public shaming, the popular link-sharing and discussion website Reddit introduced a strict rule against the publication of non-public personally-identifying information via the site (colloquially known on Reddit and elsewhere as "doxing"). Those who break the rule are subject to a site-wide ban, and their posts and even entire communities may be removed for breaking the rule.

In 2015, online shaming was the subject of a book titled So You've Been Publicly Shamed by Jon Ronson

Distributed denial-of-service

A DDoS attack can be used to take down malicious websites, such as those being used for phishing or drive-by downloads. Thousands of people generate traffic to a website, flooding it such that it goes over quota or simply can't serve that many requests in a timely manner.

"Project Chanology"

Project Chanology was a protest movement against the practices of the Church of Scientology by members of Anonymous, a leaderless Internet-based group that defines itself as ubiquitous. The project was started in response to the Church of Scientology's attempts to remove material from a highly publicized interview with Scientologist Tom Cruise from the Internet in January 2008.

Project Chanology began its campaign by organizing and delivering a series of denial-of-service attacks against Scientology websites. The group was successful in taking down local and global Scientology websites intermittently from January 18, 2008 until at least January 25, 2008. Anonymous had early success rendering major Scientology websites inaccessible and leaking documents allegedly stolen from Scientology computers. This resulted in a large amount of coverage on social bookmarking websites.

"Operation Payback"

In September 2010, Girish Kumar, the founder of Aiplex Software, admitted to using distributed denial of service attacks against known and suspected copyright violators including some large-profile P2P sites resulted in the company's servers as well as those of the MPAA and RIAA suffering a DDoS attack themselves. The attack was launched by Anonymous, coordinated through IRC; the participants have willingly given control over their LOIC to the IRC, forming a voluntary botnet in order to overpower their targets.

As a result, Aiplex went offline for a full 24 hours while the MPAA's website was unreachable for 22 hours. The RIAA, the Gallant Macmillan and ACS Law firm, as well as AFACT and the Ministry of Sound has been targeted as well.

On 16 October 2010, Anonymous launched an attack against the UK Intellectual Property Office website. The attack commenced at 17:00 GMT, causing the site to go down swiftly. It was brought back online on October 22. The rationale for the attack was that the site was "Perpetuating the system that is allowing the exploitative usage of copyright and intellectual property."

Alan Ralsky spamming incident

In December 2002, convicted spammer Alan Ralsky was interviewed by the Detroit News. In the interview, Ralsky defended his position by arguing that spamming was a "perfectly legal business." He also claimed that he would never quit spamming and expressed interest at some of the newest spamming technologies such as "stealth spamming".

Shortly afterwards, this article was posted on Slashdot, a popular technology news site. In response to Ralsky's remarks, the members of Slashdot posted his personal information and urged people to use this information to subscribe Ralsky to a number of free mailing subscriptions for the purpose of sending junk mail to his home. As a result, Ralsky's home received bags of mail daily.

MegaUpload Retaliation

In response to MegaUpload's seizure by the US Department of Justice and FBI, the hacker group Anonymous announced on Twitter, "We Anonymous are launching our largest attack ever on government and music industry sites. Lulz. The FBI didn't think they would get away with this did they? They should have expected us." Later that week, as many as 10 sites had been taken offline in response to the Megaupload shutdown including the FBI, Universal Music, RIAA (Recording Industry Association of America) and Hadopi - the French government agency responsible for "protecting creative works on the Internet" and "the attacks were carried out by spreading links via Twitter and other parts of the Internet which carried out distributed denial-of-service attacks".

Counter-terrorism

An American judge, serving in Montana, has a controversial role as a vigilante online terrorist-hunter, posing as militant anti-American Muslim radicals online, hoping to attract the eye of those with similar mindsets.

Google bombing

Google bombing is a process where website owners manipulate Internet search ranking algorithms to link searches from one term to another. A group of activists chose to manipulate Google by adding hyperlinks to George W. Bush and Michael Moore with the anchor text "miserable failure", so that a person searching for the term "miserable failure" was more likely to find political figures.

The campaign for the neologism "santorum" started with a contest held in May 2003 by Dan Savage, a columnist and LGBT rights activist. Savage asked his readers to create a definition for the word "santorum" in response to then-U.S. Senator Rick Santorum's views on homosexuality, and comments about same sex marriage. In his comments, Santorum had stated that "In every society, the definition of marriage has not ever to my knowledge included homosexuality. That's not to pick on homosexuality. It's not, you know, man on child, man on dog, or whatever the case may be." Savage announced the winning entry, which defined "santorum" as "the frothy mixture of lube and fecal matter that is sometimes the byproduct of anal sex". He created a web site, spreadingsantorum.com (and santorum.com), to promote the definition, which became a top Internet search result displacing the Senator's official website on many search engines, including Google, Yahoo! Search, and Bing. Savage offered in May 2010 to remove the site if Santorum donated $5 million to Freedom to Marry, an advocacy group for same-sex marriage.

Lizard Squad Attacks

In September 2014 the hacker group 'Lizard Squad' made multiple DDoS attacks on a variety of online games that include Destiny, Call of Duty: Ghosts, FIFA Madden, and Sims 4. The game servers were brought offline multiple times which caused a large commotion in the gaming community and on Twitter.

Anti-pedophile Internet vigilantism

Perverted Justice is a well-known example of an anti-pedophile organization that engages online volunteers in its activities to expose and convict adults who, using email or web sites, solicit minors in order to commit child sexual abuse. They often collaborate with television crews such as those from Dateline. Some freely hosted blogs claim to expose real or potential child sex offenders.

Another initiative, Predator Hunter, headed by Wendell Kreuth, aims to track down and expose the pornography-related activities of alleged 'sexual predators'. In 2002, Kreuth disclosed details of his activities in an interview with Minnesota Public Radio.

The Australian group MAKO has used the Internet to warn families about sex offenders in their areas, and to coordinate warnings about them.

Members of the subculture "Anonymous" have also been credited for seeking out pedophiles and collaborating with law enforcement. They describe themselves as a collection of individuals united by ideas. They left a mark with the arrest of Canadian pedophile Chris Forcand. In early November 2011, Anonymous launched Operation Darknet, which targeted websites that distribute and traffic child pornography. Anonymous reportedly leaked the personal details of more than 1,100 pedophiles to Pastebin, and invited FBI and Interpol to investigate the information for leads.

Members of the Usenet group Alt.Hackers.Malicious have also been known to target and expose child predators, taking credit for dozens of arrests and convictions. They are most well known for breaking into the NAMBLA servers on three separate occasions, downloading and disseminating the organization's membership information as well as emails which directly led to several arrests and convictions of child sexual abuse.

In June, Anonymous members claimed to have located and identified two predators in Edmonton, Alberta, Canada. After passing on the information and "evidence" including a video purportedly showing one of the alleged pedophiles attempting to lure youths, Edmonton police announced they would not be able to lay charges due to a lack of real evidence. They also stated that Anonymous' interference and public attacks on their integrity in the media were interfering with their investigation of legitimate cases, and not providing them with any help. An e-mailed statement to media from Alberta Law Enforcement Response Teams’ Integrated Child Exploitation (ICE) Unit in Edmonton said, "The video postings this week have not only hampered our investigations, but have also distracted our ICE team and investigators from other work," adding "The time we have spent dealing with these videos has been at the expense of other important child sexual exploitation investigations." ICE followed up by saying they are committed to working with any tipster who can help them stop child exploitation, including Anonymous.

Identity theft activism

Organizations similar to vigilante action against pedophiles also target ID theft. Posing as ID thieves, they gather stolen personal information such as "dumps" (the raw encoded information contained on a payment or identification card's magnetic stripe, microchip or transponder), bank account numbers and login information, social security numbers, etc. They then pass this information on to the associated banks, to credit monitoring companies, or to law enforcement.

Other groups specialize in the removal of phishing websites, fake banks, and fraudulent online storefronts, a practice known as "site-killing". Artists Against 419 is a web site specializing in the removal of fake bank websites. Such groups often use tactics like DDoS attacks on the offending website, with the aim of drawing attention to the site by its hosting service or rapid consumption of the site's monthly bandwidth allowance. The Artists Against 419 always argued their tools were not a denial-of-service attack. At any rate they abandoned such tactics some time ago.

Profit

Some companies engage in Internet vigilantism for profit. One such example is MediaDefender, a company which used methods such as entrapment, P2P poisoning, and DDoS attacks.

Other political activism

Around the time of the 2008 Summer Olympics torch relay, which was marred by unrest in Tibet, Chinese hackers claim to have hacked the websites of CNN (accused of selective reporting on the 2008 Lhasa riots) and Carrefour (a French shopping chain, allegedly supporting Tibetan independence), while websites and forums gave tutorials on how to launch a DDoS attack specifically on the CNN website.

Real crime vigilantes

Some people form themselves into vigilante groups aiming (overtly) to expose injustice, whitewash and cover-ups in high-profile criminal cases against innocent victims, often children. Recent cases include the death of JonBenét Ramsey in the USA and the disappearance in Portugal of the British girl Madeleine McCann.

Anti-software piracy Internet vigilantism

An example cited on the tech news site securityfocus.com by Kevin Poulsen illustrates how two coders implemented and distributed a program that disguised itself as activation key generators and cracks for illegal software circulating on peer-to-peer file sharing sites. The duo researched software that was popular on these file sharing sites and tagged their code with their names. As soon as the software was executed, it displayed a large message: “Bad Pirate! So, you think you can steal from software companies do you? That's called theft, don't worry your secret is safe with me. Go thou [sic] and sin no more." The software then called back to a central server and logged the file name under which it was executed, amount of time the message was displayed on the downloader’s computer screen and their IP address. The information gathered was then re-posted onto a public website showing the downloader’s IP address and country of origin. The program also had a unique ID embedded into each downloaded copy of it for tracking purposes to keep track of how it traversed the different networks.

Prevention

Many sites have taken measures to prevent vigilantism. One form is the reporting and deletion of any sensitive information regarding an individual or group that can lead to their identity being known. Admins, moderators, users, and bots all take action to find and detect doxing.

Legislative framework

In 2002 in the United States, Representative Howard Berman proposed the Peer to Peer Piracy Prevention Act, which would have protected copyright holders from liability for taking measures to prevent the distribution, reproduction or display of their copyrighted works on peer-to-peer computer networks. Berman stated that the legislation would have given copyright holders "both carrots and sticks" and said that "copyright owners should be free to use reasonable, limited self-help measures to thwart P2P piracy if they can do so without causing harm." Smith College assistant professor James D. Miller acknowledged the threats to the privacy of legitimate Internet users that such actions would pose, but drew comparisons with other successful crime-fighting measures that can invade privacy, such as metal detectors at airports.