Let me begin by stressing this is not a political statement. At Komando.com we try and stay out of the political arena.
With this article, we’re going to tell you about a potential security exploit that you may already be a part of without knowing.
How bots are using unsuspecting victims’ personal information
If you’ve been paying attention to the news recently, you might know that strict net neutrality rules put in place under President Obama’s administration could be overturned. New FCC Commissioner Ajit Pai has said he wants to roll back the regulations.
Net neutrality is the rule that internet service providers (ISPs) give consumers access to all legal applications and content equally, without favoring certain sources or blocking others. It prohibits ISPs from charging content providers for faster delivery of content on what’s dubbed “fast lanes” and intentionally reducing the speed of content from providers that may compete with ISPs.
Those who are in favor of keeping net neutrality rules in place have been encouraged to let the FCC know by commenting on its site. In just the last few weeks, the FCC’s public comments system has been bombarded with comments on the topic. Over half-a-million comments on net neutrality have been posted, both pro and anti.
It turns out that many of the anti-net neutrality comments may have been posted by automated bots. Researchers analyzing bot traffic discovered over 125,000 of the anti-net neutrality comments were automated. Most of the automated comments left the following message:
“The unprecedented regulatory power of the Obama Administration imposed on the internet is smothering innovation, damaging the American economy and obstructing job creation. I urge the Federal Communications Commission to end the bureaucratic regulatory overreach of the internet known as Title II and restore the bipartisan light-touch regulatory consensus that enabled the internet to flourish for more than 20 years.”
This is where the security exploit comes in.
To post a comment on the FCC site, the person leaving the message must also give their name and address. That means for a bot to post thousands of comments, thousands of unsuspecting victims’ personal information is used. The personal data most likely came from data breaches that have occurred over the years or public voter registration records.
How to check if you are part of the automated bot
There is a way for you to see if your name and address has been used by this automated bot on the FCC site. Use the following directions to find out:
Click here if you want to check and see if your name and address has been used by the bot. Once you reach the site from the link, click on Search for Filings in the upper left part of the page. Then type your full name next to Name of Filer and select your state from the State drop-down box and click Search at the bottom of the page.
This will take you to a results page showing all the matching names in your state. Click on each matching name to find out what home address was used to file the comment. If you find a matching name with your address, you’re part of the bot.
Image: Example of FCC comment page with messages posted by bots.
It’s scary to think our personal information can be used to make political comments without our knowledge. One problem here is the FCC doesn’t have a system in place to keep automated posts off its site. It should at the very least implement the “captcha” system to prove users are human.
Did you know that your personal information is searchable online? Click here to learn how to opt out of the most popular people search sites.
Has your info been used in this bot campaign? Leave a comment and let us know.