Blog : General Useful Info

Know the Troll, Defeat the Troll

– Original article by Paul Jun, via > – Edited

A University of Manitoba study in September 2014 revealed what we already instinctively know about trolls: They just want to have fun.

It even went on to say that online trolls, whose behaviour extends from the digital world to the real, tend to manifest behaviours of sadism more so than psychopathy (the inability to feel empathy towards others, unemotional) or Machiavellianism (the tendency to manipulate or deceive others).

In a recent New York Times article entitled “The Agency”, journalist Adrian Chen recounted his experiences in St. Petersburg, Russia while following several leads on hoaxes which sprung from the Internet that he later on found out were campaigns spun by paid trolls.

The piece was a true eye-opener for the unaware, and the chilling twist at the end of Chen’s journey made us realize several points: one, anyone can fall prey to trolls; and two, more often than not, targets are not aware that they’re already getting played.

What is trolling?

Trolling is generally seen as a behaviour or an act of intentionally starting arguments meant to upset, defame, disrupt, or provoke.

This is done by posting off-topic remarks on social networks, the comments sections of online news outfits, forums, and chat rooms.

Although popular media equated trolling with online harassment, it shouldn’t be mistaken with cyberbullying.

Psychologists looked into and studied trolls in order to understand what makes them tick. Personality types emerged as a factor and so was environment.

On the Internet, anonymity and being with a faceless crowd can make people do and say things that they normally wouldn’t do or say under the watchful eye of polite society. Being able to act out, thanks to these, is what psychologists call deindividuation.

There are several faces of trolling, according to Netlingo, a highly popular Internet dictionary. They listed four types, which we replicated below:

  • Playtime Trolls: an individual plays a simple, short game. Such trolls are relatively easy to spot because their attack or provocation is fairly blatant, and the persona is fairly two-dimensional.
  • Tactical Trolls: This is where the troller takes the game more seriously, creates a credible persona to gain confidence of others, and provokes strife in a subtle and invidious [sic] way.
  • Strategic Trolls: A very serious form of game, involving the production of an overall strategy that can take months or years to develop. It can also involve a number of people acting together in order to invade a list.
  • Domination Trolls: This is where the trollers’ strategy extends to the creation and running of apparently bona fide mailing lists.

Know Your Meme, another popular domain, listed several ways of trolling, which you can read more here.

TaaS: Trolling-as-a-Service

In recent years, we’ve seen trolls emerge from causing mischief to fulfilling a collective cause, under orders with a generous monetary compensation tied to it. Chen’s experience with paid or sponsored trolls is merely one of the few we’ve only heard or read about on the Internet.

Astroturfing, the deceptive tactic wherein an individual or a group would express support for a product, idea, or cause mainly for the purpose of reshaping public opinion, is currently practiced by some organizations in order to make people believe what they want them to believe.

One example is what we now know as the Discredit Bureau, which one Monsanto lead revealed they employ in order to discredit scientific findings that are in disagreement with the company’s.

State-sponsored trolls—who are also tactical trolls, in this case—can not only help disseminate false information but compromise security as well.

In the middle of 2012, Malware Intelligence Lead Adam Kujawa shared in a post that trolling tactics were used to lure Syrian activists to download and install a piece of software that claimed to encrypt Skype conversations.

The said software, a PIF file, was actually BlackShades RAT, which is capable of logging keystrokes and taking remote screenshots of the infected system.

This BlackShades variant was also capable of hijacking the affected user’s Skype account in order to spam the PIF download link to his/her contacts for further infection.

“Don’t Feed the Trolls”

We often hear people advice others to not react or resort to counter-punching trolls with equal vitriol.

Some find that doing this is not easy, and it never really is. Not feeding the trolls doesn’t mean one should take the abuse quietly either.

There are better ways to handle a troll encounter other than verbal retaliation.

Keeping calm, as a matter of fact, helps a lot. If needed, step back and take a break. We’re none the wiser if we react out of emotion. Realize that sabre rattling with trolls ends in futility as it is what they want to happen.

Moderate comments, block and blacklist trolling parties if you can. Majority of social networks have ready functions you can use to do this, and more.

Setting your profile to private (temporarily or permanently) is another way to nip trolling at the bud.

Falling for and (worse) propagating ideas spun by paid trolls can be seen as feeding or siding with them. More often than not, such thought-out and highly organized campaigns are not known until it’s too late. One way to avoid such pitfalls is to fact check what is being said. It’s easy for trolls to take advantage of people who usually believe what they see and what is said on the Internet. More often than not, people take these at face value and share it with others.

The study of trolls and trolling behaviour is, as of the moment, a premature science. We may not know a lot about it, but we know that they can fall under the category of social engineering. We also at least have an idea of what drives them to do and say things that are generally frowned upon.

As such, it’s important to keep them in mind when logging in to the Internet every day. Avoiding trolls is human, but not letting them into your head is divine. Find out how in ‘Tips to Deal With Trolls’, below.


*Malwarebytes is the #1 Malware Removal Tool, recommended by Security Pros.
The team behind its creation also runs the blog (Source) that alerts you of the latest hacking threats and security breach occurrences, as well as tips to protect yourself against them. We highly recommend you to visit it and bookmark it for future reference.

Tips to Deal With Trolls


Understand the Troll

To defeat the enemy, we must understand them first. There are two fundamental reasons why a troll trolls:

  1. They’re bored: Trolls lack stimulation “IRL” (in real life), for good or ill, so they seek it online where it’s readily available and easily acquired. A troll’s behavior reflects a deep insecurity so having someone respond to their words gives life meaning, regardless of how pathetic that may sound. If a troll had something better to do, like work or a hobby, they wouldn’t have time to troll. The next time you find yourself posting a negative comment think about why you’re doing it.
  2. They want attention: All a troll wants is you to turn the spotlight onto them. They want you to re-post their comment to your followers. They want you to write a blog post or status about them. They will use anything and everything to get it. They will criticize you, post inflammatory comments, or write remarks just to make you wonder how someone could be so dumb. The problem is that you will feel compelled to respond to “set things right.” Even if you respond in a cheerful or positive way, you’re still feeding the troll.

Why We Feed the Trolls and How to Stop

The reason we respond to negative comments is the same reason a troll does what they do: ego. When someone unknown comes at us, it’s part of our human nature to defend ourselves. A part of us doesn’t want to stay silent, because we think silence means surrendering, and surrendering means losing. That’s just a bad philosophy.

After years of dealing with this kind of behaviour, both in a virtual reality and in the comment sections of an article, the harsh reality is this: You will never beat a troll. You will never change a troll’s mind. You may delude yourself into thinking that you proved them wrong, however, never in years of dealing with trolls have we seen a troll lay down his or her arms and say, “You know what, you’re right. I was so wrong.”

Indeed, blowing off steam after dealing with a troll is our first reaction. It’s like driving: someone cuts you off, you feel disrespected, so you drive up next to the person’s window so you can see what they look like, or you flash some hand gestures to let them know that they aren’t getting away with it. What makes this practice of not responding to trolls so difficult is that many of us are naturally inclined to react to our impulses. It’s so much easier to respond than it is to hold back.

Use foresight

So a troll is attacking you. Ask yourself: If I respond to this troll, what will likely be the outcome? This requires us to pause and take a breath. We need to be mindful of what we’re telling ourselves after reading something that attacks our ego. What are we feeling and why? Are we angry because the troll’s comment contains validity? Have you seen this scenario before in other settings? These small shifts in our perception should influence us to not feed the trolls, to realize that any attempt to change a troll’s mind is an exercise of futility.

Talk to a friend

Sometimes we need to vent. No meditation or deep breathing exercises—just straight-up getting it off our chests.

Practice your principles

If you don’t have principles on how to deal with trolls, now is the time. The reason why abiding to principles is so helpful is because they tell us how to act. “Do this, not this.” It focuses on the long-term outcome, whereas acting on our impulses creates many possible—and unfavorable—results. If there is one thing we can learn both in psychology and philosophy, it’s this: No one can hurt you. It is what we tell ourselves about the specific event or person that creates the feeling. So if we’re telling ourselves, “How dare this person say this to me,” we’re creating feelings of entitlement and anger. In the words of Marcus Aurelius, “It can ruin your life only if it ruins your character. Otherwise it cannot harm you — inside or out.”


As we become more vulnerable online, the chances of being trolled increases. The more you ship and put yourself out there, the more likely you will come across people who despise or don’t understand your work. Because technology is maturing faster than we are, trolls will always exist and will feel compelled to sabotage you and your work. Why? Because they have nothing better to do. It rattles them to see you pursuing an artistic and worthy endeavor. 

Is a world without trolls possible? Highly unlikely. So we must stop asking the impossible. Instead, we can follow the one principle that safeguards our creativity and productivity, and keeps the troll at bay. Whatever you do: Don’t feed the trolls.

Edited excerpts from ‘Don’t Feed the Haters: The Confessions of a Former Troll’ – Original article by Paul Jun, via > 

Online Scams: How To Spot Them and Protect Yourself


How to spot a scam

It can be difficult spotting a scam, and fraudsters are often very cunning – catching people out is often their full-time job. Avoid falling for scams by asking yourself the seven simple questions below. If you answer yes to any of the following, there’s a good chance it’s a scam.

1. Contacted out of the blue?

Unsolicited contact is more often than not a sure sign of company you don’t want to deal with.
Whether you’re looking to invest, or searching for a new bank account, you should always be the first one to make contact.

2. Is the deal too good to be true?

Scams will often promise high returns for very little financial commitment. They may ever say that a deal is too good to miss.
Use your common sense, if a deal is too good to be true, it inevitably is.

3. Asked to share personal details?

Never share your personal details with anyone you cannot validate is who they say they are.
Phishing emails or phone scammers will often try and get valuable personal data from you, and they can use this to steal your identity or steal your money.

4. Pressurised to respond quickly?

Never proceed unless you are absolutely certain your money will be safe. Once you transfer, it may be too late.
Scammers will often try to hurry your decision making, always take a breath and think things through.
Salesmen in particular should always give you time and space to make an informed decision; anyone who tries to rush you is not to be trusted.

5. Are the contact details vague?

Vague contact details can be a PO box, premium rate number or mobile number.
If anything goes wrong it’s important you can contact those involved. This will be difficult if you don’t have accurate contact information.
Premium rate numbers are also a favoured trick for squeezing every penny they can out of you.

6. Grammatical or spelling mistakes?

Legitimate organisations will rarely, if ever, make glaring grammatical or spelling mistakes, and if so they will usually be an isolated incident.

Scammers often use bad grammar and spelling to ensure only the most vulnerable people will respond to their messages.

7. Are you asked to keep it quiet?

Being asked to keep something quiet should be a red flag. It’s important you can discuss any agreements with your friends, family or independent advisors.
Often asking you to stay silent is used to keep you away from the advice and support you need in making a decision.

Top five email scams revealed

Bank scams, Paypal scams and tax rebate scams top the email phishing list in the survey of 2,016 adults carried out by ‘Which?’ in January, 2015.
Email inboxes are a valuable target for scammers with 54% of respondents claiming to have been personally exposed to a scam, or have a friend or family member who had.
Below are the top five.

1. Bank scam emails

Taking the top spot, bank scam emails were the most common with 69% of survey respondents reporting having received one.

And it’s clear to see why. A few pieces of key information may be all the scammers need to get into your account and get hold of your money.
Bank scam emails often say there’s a problem with your account, and ask you to update your account details, either by email or by clicking on a link.

Never click on a link in an email. If you want to check your details either call your bank or go directly to your bank’s official website.

2. Paypal scam emails

Paypal is a clear target for the scammers as it handles billions of financial transactions globally, every day.

The popularity of the money transfer platform makes it a valuable target for scammers with 59% of our survey respondents reporting scam emails claiming to be from Paypal.

An email from PayPal won’t ask you for sensitive information like your password, bank account, or credit card details. Neither will a legitimate email contain any attachments or ask you to download or install any software.

3. Tax rebate scam

According to HMRC (UK) almost 75,000 tax refund scam emails were reported to the taxman between April and September 2014, and have been reported by 42% of our survey respondents.

The emails promise a tax rebate, and often ask for key information including account numbers and passwords to make the payment.

If you provide the information, money can be stolen from your bank account and your details could be sold on to criminal gangs.

Tempting as it is to think you’re entitled to a tax rebate, HMRC (or the equivalent in your country) will never ask for your bank account details via email.

4. Scam emails purporting to be from HM Revenue & Customs

Scam emails purporting to be from HMRC were reported by 40% of respondents. HMRC scam emails can take several forms which are different to the common tax rebate emails, maybe stating that you have made a mistake on your self-assessment form, or that your tax notice has been issued.

Some even ask you to verify your identity by providing a copy of your passport. Never respond to these emails and instead speak to HMRC directly if you are at all concerned.

5. Scam emails seeking money for services or help

Finally, 35% of respondents said they’d received emails seeking money for services or help.
Scammers are constantly refining this technique, which will often prey upon the most vulnerable with desperate pleas for aid or offers of low investment and high return.

Unsolicited contact promising a return too good to be true will be exactly that – too good to be true.

If it looks like someone in your contacts list has sent you a plea for money, contact them directly through another channel to ask if they have sent the email.

Other scams

Other scams to be aware of right now include the following:

Phone scams

These cold call scams typically involve fraudsters deceiving people into believing they are speaking to a police officer, a member of bank staff, or a representative of another trusted agency, such as a government department.
Usually the fraudster will convince an individual that they have been a victim of fraud, and will ask for personal and financial information in order to gain access to their account.
Beware giving bank details

Never disclose the following details:

– four digit card PIN to anyone, including the bank or police
– full password or online banking codes
– personal details unless you are sure who you are talking to

Top tactics to watch for

Another variation of a phone scam involves the fraudster persuading people to transfer money to other accounts or to hand over cash directly to a courier.

The fraudsters are known to encourage people to hang up and call their bank to verify the legitimacy of the call.

However, a phone line can stay open for up to two minutes, so the fraudsters remain on the line and play a dialling tone to trick the individual into thinking they’re calling their bank.

In fact, the fraudsters are still connected and the individual is not speaking to their bank, but is still connected to the scammers.

To ensure you don’t fall prey to this type of phone scam, remember that in no circumstances would your bank or the police ask you to take such actions.

Pension scams

Pension scams are not a new thing but they are likely to become more prevalent now people have many more options available to them when it comes to investing or spending their money.

Pension scams may be referred to by shady salesmen as:
• pension loans
• early pension release
• pension selling
• cashing in your pension
• pension liberation

These are all different names for an agreement to transfer your pension savings to an arrangement that allows you to access your funds before the age of 55 or as cash in larger quantities than currently allowed under the law.
Scammers may attempt to sell you a too-good-to-be-true, ‘one-off’ investment, usually via an unsolicited phone call, text message or email, or even in person after calling to your door.

They may even attempt to entice you with upfront cash payments.

Scammers will often offer a ‘free pension review’ to give the impression that they are honest and independent advisers.

You should only get a review from an Independent Financial Advisor registered with the Financial Conduct Authority (FCA).

How do I avoid pension scams?

You should always be suspicious if anyone calls you out of the blue to offer you a money-making deal.
If someone calls you, always ask to call them back. Reputable companies will always be happy to let you do this, whereas scammers tend to be more wary about giving contact details.

Any review of your pension should be conducted by a regulated financial adviser.

Research the company

Check the FCA’s register of regulated financial services providers. This will tell you if the company is registered as well as listing any companies being investigated.

Any company claiming to be government-endorsed is not telling the truth.

Don’t proceed unless you are absolutely certain your money will be safe. Once you transfer, it’s too late.

Postal scams

1. Postal scam or junk mail?

Postal scams are letters sent with the sole intention of obtaining money through deception or fraud.
There are many different types of scam mail, such as fake lotteries and prize draws, get-rich-quick schemes, bogus health cures, investment scams and pyramid selling.
It’s important to note there is a difference between scam mail and legitimate mail sent by companies to advertise lawful services or the sale of genuine goods.
This is much less sinister but no less annoying.

2. Is too good to be true?

Postal scams typically offer something that sounds attractive but in reality doesn’t exist.
There’s always a catch – you’ll often have to pay up front to receive what’s on offer and this type of scam is called advance fee fraud.
Two of the most common scams of this type are non-existent competitions and fake foreign lotteries.

So, before responding you should always consider whether what’s on offer seems too good to be true. If it does, then it’s likely to be a scam.

3. Lottery scams

You may receive a letter saying you’ve won a large amount of money on an overseas or online lottery.
The first thing to do is to consider whether you’ve actually entered an online or overseas lottery. Most people who receive these letters haven’t entered a lottery draw.

If you do respond and provide your personal information, the fraudsters will ask you to pay various fees so that they can release your non-existent winnings.

Each time you make a payment, the fraudsters will come up with a reason why your winnings can’t be paid out unless you make another payment.

4. Competition scams

Again, if you’re told you’ve unexpectedly won a prize, the first thing to consider is whether you’ve ever entered a prize draw.

The likelihood is that you haven’t so your ‘win’ is likely to be a scam.

Often a condition of these prizes is that you need to send money to claim your prize. But you may never receive the prize or it may not be what you expected.

Any legitimate organisation will pay these upfront costs, so anyone asking for a fee in advance shouldn’t be trusted.

Should you fall for one of these scams, there is a chance that you’ll be targeted again, as personal details are added to so-called ‘suckers lists’ which are then sold on to other fraudsters.

5. How to spot a postal scam

If you can tick off one or more of the following, it’s probably a scam and you should be suspicious:

– Bad spelling or poor grammar in a letter claiming to represent a company, royalty or a prize agency should be a clear warning the letter is not from a legitimate organisation.

– An unsolicited commercial or personal request. Do you even know of this company or person? If the name seems unfamiliar and you don’t recall ever signing up to the company or sharing details with them, you should be suspicious.

– Asking for money. Always start from the position that a request for money is to be treated with suspicion until proven otherwise.

You’re asked to pay up front to receive what’s on offer – processing or handling fees are a con.

There are also certain letter styles that are continually used in competition or lottery scam mail:
. coats of Arms
. seals
. serial numbers
. barcodes
. watermarks
. reproduced signatures
. rubber stamps

A letter containing these and promising you’ve won a prize draw or lottery you’ve never entered should ring alarm bells and you should never reply.

Microsoft phone scam

How does the Microsoft scam work?

A scammer calls you, and asks for you by name. They’ll say they are a computer security expert from Microsoft, or another legitimate tech company.

They’ll say that your PC, laptop or tablet has been infected with malware (or a computer virus), and that they can help you solve the problem.

The scammer will attempt to confuse you with jargon or ask you to open common Microsoft utilities and services that list what may appear to be problems with your computer.

Alternatively, they may claim you are running an unlicensed version of Windows, and you need to pay a licence fee.

Scammers may also offer you software to remove the ‘viruses’ on your machine, for a small charge.
In many case this will be security software you can get free from the Microsoft website in the first place.

The worst offenders will seek to convince you that they need access to your machine so they can fix any issues.

In reality they will install viruses or malware that will damage your machine and steal your personal details, passwords and data.

How to avoid the Microsoft scam?

No legitimate IT security professional is ever going to call you in this way. Hang up the phone immediately.
Don’t fall foul of the scammers, the Trading Standards National eCrime team recommend you:

. Never give anyone access to your PC, laptop or tablet
. Never give anyone access to your personal details
. Never pay a fee for any unsolicited technical help

5. Domain Name Purchase

If you are a website domain owner, it’s highly likely that you will receive this type of email at some point.

The sender usually poses as a hosting & domain provider (frequently from China) warning you that a client of theirs wants to purchase your domain name with a different country domain extension and that this will affect your brand name and/or search engine position. If you reply to this email, the sender will invariably tell you that in order to stop that client from using your domain name with the different extension, you will have to buy it first.

It’s a scam. Don’t reply.

Ways to spot a copycat website

There are a number of ways in which you can spot a copycat website:

Is it a paid search engine ad? Look out for paid-for search engine results. These are the boxed adverts displayed at the top of search engine result pages. Quite often the official site is the first or second non paid-for link that appears below these.

Read the homepage. Take a couple of minutes to double-check the site – don’t dive into filling out an application form. Visit the homepage and read the text there. It may even declare the site is not officially affiliated with the official body.

Check the web address. Don’t be fooled by a .org web address – this is no guarantee of an official website.

https vs. http. Although it’s not always a guarantee, you can check for ‘https’ at the beginning of the website address. On pages where you are entering personal information, ‘https’ acts as an encryption to protect your personal details whereas websites with http don’t encrypt your details.