Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Privacy

Using Fake Reviews To Find Dangerous Extensions (krebsonsecurity.com) 13

Brian Krebs: Fake, positive reviews have infiltrated nearly every corner of life online these days, confusing consumers while offering an unwelcome advantage to fraudsters and sub-par products everywhere. Happily, identifying and tracking these fake reviewer accounts is often the easiest way to spot scams. Here's the story of how bogus reviews on a counterfeit Microsoft Authenticator browser extension exposed dozens of other extensions that siphoned personal and financial data.

After hearing from a reader about a phony Microsoft Authenticator extension that appeared on the Google Chrome Store, KrebsOnSecurity began looking at the profile of the account that created it. There were a total of five reviews on the extension before it was removed: Three Google users gave it one star, warning people to stay far away from it; but two of the reviewers awarded it between three and four stars. "It's great!," the Google account Theresa Duncan enthused, improbably. "I've only had very occasional issues with it." "Very convenient and handing," assessed Anna Jones, incomprehensibly.

This discussion has been archived. No new comments can be posted.

Using Fake Reviews To Find Dangerous Extensions

Comments Filter:
  • by Mononymous ( 6156676 ) on Thursday June 03, 2021 @05:48PM (#61452168)

    it very good help me with a internet.

  • Should be automized (Score:4, Interesting)

    by gurps_npc ( 621217 ) on Thursday June 03, 2021 @06:10PM (#61452242) Homepage

    That is, all review companies should automatically:
    1) Look for positive reviews of fraudulent products.
    2) Flag and check/disable any other product that got good reviews from those reviewers.
    3) Flag other people that gave positive reviews for those new products, and repeat.
    4) Keep all those 'reviewers' active. Do not kick them at all.

    Throw in a human to double check any complaints from valid products.

    The thing is, it doesn't even matter if the 'good reviewers' are real people or not. We are not accusing those accounts of being bots or paid or fake. We just are using them as a sign of a criminal product.

  • by nyet ( 19118 ) on Thursday June 03, 2021 @06:36PM (#61452278) Homepage

    this is credit card department

  • by OrangeTide ( 124937 ) on Thursday June 03, 2021 @06:55PM (#61452320) Homepage Journal

    Anyone who has been gaming in the past 3 decades knows that authoritative-seeming reviews from popular gaming magazines are often paid shills and even as the gaming industry has been rocked by multiple exposures of corruption the practice kept coming back. There is simply not enough money in the business of providing honest reviews when compared to the envelopes of cash in the fake review (advertising) industry.

    It's the same behavior we've always seen. Except now you can cheaply create an army of bots posting barely literate reviews and accomplish the same effect. This is going to be a battle of attrition and I expect the end result is the complete removal of user submitted reviews rather than the "good guys" beating the scammers.

    • by Solandri ( 704621 ) on Thursday June 03, 2021 @10:03PM (#61452738)
      It's not a matter of honesty nor money. The game publishers provide early-access to their new releases to gaming magazines (and now websites and blogs/casters) for review. If you give bad reviews, they simply stop giving you early access for future games. Which is a death sentence for a review site or magazine. That results in all the early reviews being dishonestly positive, just to stay in the game publishers' good graces.

      It's kinda analogous to the situation with Apple's app store that's on trial right now. All the publishers hate Apple's policies, but they're scared to death to speak out because it'll be financial ruin if Apple cuts them off in retaliation for criticizing. It's cancel culture carried to the extreme in business.
      • by Bert64 ( 520050 )

        Not only that, but the lack of review copies means you have to actually go and buy the game on launch day at full price in order to review it.

        Unless you have money to burn or derive sufficient revenue from your reviews to cover the costs, you're not going to buy a game just to review it for a few days and then never play it again.

    • by stikves ( 127823 )

      This can only be fixed if there is a 3rd party intermediary between the publishers and reviewers.

      For example, before next GTA game launches, instead of sending download codes to select gaming publications, Take 2 could give Microsoft, Sony, Steam, and GoG several thousand keys to distribute. This way they will not blacklist any gaming outlet just because they made the mistake of a honest review ("the servers were timing out, and there were glitches on level loading".... T2: sure, thanks for the remarks, now

  • by rossz ( 67331 ) <ogreNO@SPAMgeekbiker.net> on Thursday June 03, 2021 @08:06PM (#61452486) Journal

    Fake reviews also plague Amazon. I remember I was a bit skeptical about one product on Amazon and a few glowing reviews. So I looked at the reviewer histories. They gave five star ratings and high praise for the exact same products on the exact same day. Needless to day, I chose not to buy from that Amazon affiliate.

    • by Bert64 ( 520050 )

      Fake reviews can go the other way too. At some point fake reviews will reach a tipping point where they do more harm than good. Then people will start posting fake positive reviews of their competitors products in order to discredit them.

      Reviews in general are pretty worthless unless they're written by someone you trust who has similar requirements to you. People often give restaurants bad reviews because they don't like the style of food being served for instance. It's not that the food was bad, it simply

      • by rossz ( 67331 )

        Supposedly, there have already been instances of competitors posting fake negative reviews. You are right, it's going to reach a tipping point and the entire concept of customer reviews will be rethought.

  • by Vintermann ( 400722 ) on Friday June 04, 2021 @01:23AM (#61453042) Homepage

    "Very convenient and handing" sounds like a synonym-spun sentence. Probably "handling" is in their list of synonyms for "stable" or "reliable" or something.

    I remember they found out language models trained on wild texts from the internet had learned to recognize synonym-spun articles, and produced plausible synonym spun garbage when prompted with it, such as referring to Contemporary York Instances [twitter.com] (which is what you get when you synonym-spin "New York Times")

  • One trick... (Score:4, Insightful)

    by bradley13 ( 1118935 ) on Friday June 04, 2021 @05:54AM (#61453358) Homepage

    One trick is simple: Ignore the positive reviews. They may be bought, they may be from fanboys, whatever. They are rarely informative.

    Read the negative reviews. Find out what people don't like about a product. If the things they don't like are something you care about, then it's not for you. If they're complaining about stuff that doesn't matter to you, then go for it. Some examples:

    • A hotel review that complains the hotel is too far from the city nightlife? That's a hotel I want: nice and quiet.
    • A keyboard review complains that it doesn't have programmable light patterns. I couldn't care less - if that's the only problem, I may buy it.
    • A computer review complains that the fans are noisy. That's would matter to me, so no thanks.

    Now, wait for sellers to start paying for negative reviews :-P

    • This has been my strategy for as long as Amazon has been around. I EXPECT the product to be perfect when it gets to my door, so someone giving it 5 stars and saying 'works great' is useless. People telling me that a toaster oven gets so hot on the outside it melts its own plug (true review, with pictures) is far more useful. Telling me about all the nitpicky crap that just irritates you even if it works just fine is right up my alley. Nobody gives you as much detail as an irate reviewer. You'll always learn

You are always doing something marginal when the boss drops by your desk.

Working...