Investigations Archives

Tips to Identify Fake Images Online in 2023

Identifying a fake image online can be challenging as technology has made it easier to manipulate images. In a blog post from 2020, titled “OSINT Research & False Positives” we discussed how easy it was to create a computer generated image. However, fast forward to 2023, with the explosion of artificial intelligence, creating computer generated images of all kinds have taken on a life of their own.

Taking a closer look at examples of fake images can help to train your eye to look for certain traits of the image to determine it’s legitimacy. Nothing is infallible of course, but there are some steps you can take to assist in identifying fake images. In fact, next time you have some time to kill, check out “Which Face is Real” to test out your knowledge!

Signs of computer-generated manipulation

The photo above was identified as fake through Snopes.com’s fact checking. The photo was posted to a Twitter user’s feed. Snopes is a great resource for debunking fake profiles, images and news. According to the article on the site, “The photo was generated by artificial intelligence (AI), with several telltale signs of computer-generated manipulation. For examples, an area near Trump’s lower lip showed another trace of lip; the faces of the presumed Secret Service agents and many crowd members were disfigured; some heads looked more like skulls, and the flags’ coloring wasn’t consistent. Additionally, the man immediately behind Trump not only had signs of digital doctoring in his face but also his right hand.”

The photo was fake; it was not a genuine documentation of Trump arriving to New York for his booking and arraignment. The Twitter user acknowledged that fact, writing in a reply tweet, “I didn’t find this [photo]. I generated it via prompts.”
Source: Snopes.com

Systems such as Stable Diffusion, DALL-E, and Midjourney make it easy for anyone to create images to fit their narrative. The good news is that historically, AI generated systems have struggled to mimic human hands as an example. Something to keep in mind, for now at least.

Scientific American’s recent article on Artificial Intelligence, states that the some AI images are so hard to detect that it may take AI to identify it as being a fake!

“It’s pretty amazing, in terms of what AI image generators are able to do,” says S. Shyam Sundar, a researcher at Pennsylvania State University who studies the psychological impacts of media technologies. “There’s been a giant leap in the last year or so in terms of image-generation abilities.”

Tips to Identifying Fake Images Online

Look for inconsistencies: Study the photo carefully for inconsistencies or irregularities in the image. Look for blurred edges, mismatched shadows, or disproportionate objects. These inconsistencies can be a sign of photo manipulation.
Check the metadata: Most digital photos contain metadata that includes information such as the date, time, and location of the photo. Check this information to ensure it is consistent with the photo’s content.
Reverse image search: Use a reverse image search tool like Google Images, Bing Images, Yandex Images or TinEye to check if the photo has been used elsewhere on the internet. If it has been used in different contexts, it may be a sign that it’s a fake.
Consult experts: If you’re still unsure about the authenticity of a photo, consult experts such as photo forensics specialists, journalists, or fact-checking organizations.
Be skeptical: Finally, always approach photos online with a healthy dose of skepticism. Be wary of photos that seem too good to be true or those that are designed to elicit an emotional response.
Look for a Watermark: DALL-E 2 places a watermark on every photo generated through their system. The Watermark is shown below (the color bar). It is placed very small on the image. It can be removed however, so it will not always be shown.

By following these steps, you can increase your chances of identifying a fake photo online.

Breaking Down BeReal

It is interesting to think about how social media has changed our world. We have grown from corded wall phones, to flip phones to now mini computers we carry around with us everywhere we go. It isn’t enough for society to have instant conversations through emails, text or phone calls, but we need to share our daily activities through an app using pictures, videos and captions. Gone are the disposable kodak film cameras and in are the kodak film filters to make your iphone selfie look ‘vintage’. With the use of great lighting and precise movements, someone could be using a filter to change their face shape, hair color, eye color, lip size and so much more. Influencers are not influencing honestly, society has molded and shaped a reality that is fake and inhuman. No one wants to share their insecurities; they would rather mask them with technology and paint a picture that is not real life.

With this being said, we are being introduced to a new app that forces you to share your insecurities. No more being able to take 50 photos and choose the best one, and most of all no filters. The social media application, BeReal, was introduced in December 2019 by Alexis Barreyat and Kévin Perreau. The popularity grew overseas as the French creators launched BeReal, and now it is spreading world wide. This app pushes users to share who they are in the moment, with no addons, and now it is among the latest trending social media apps.

Move over Emoji….

So how does BeReal work? Once the app is downloaded, you have the opportunity to make a public or private profile. If your profile is made public, just like Instagram or TikTok, your image each day gets shared to an explore page for the public to interact with. If shared just with friends, the image populates in a feed for your friends to see each day. The app was built to display transparency in just about every way. Instead of choosing an emoji to respond with when looking at a post, you reply using what the app calls a RealMoji. This presents you with the same basic reaction emojis that you see on any other social media app, you choose which emoji you want to respond with and you are then prompted to recreate that emoji with your own photograph, your own face

BeReal and Transparency

Each day at a random time you will be alerted by the app that it is time to post a BeReal for the day. Once you open the alert and navigate into the app you have 2 minutes and 2 minutes only to take a photo of what you are doing at that moment. The transparency doesn’t end there. Not only are you taking a selfie of yourself or maybe a photo of the activity you are currently doing, but you take two photos. One photo is from your front facing camera and the other is from your back facing camera. So you are posting a full representation of where you are and what you are doing. You can retake your photo as many times before the 2 minutes are up, but be wary because everyone on the app (if your profile is public or friends if your profile is private) can see just how many times you re-took your photo. Once you begin posting, only you can go back and see the previous posts you’ve made. If you don’t want to post one day, that’s okay don’t post. But if you don’t post, you won’t be able to see your friends BeReals for the day.

What About Safety?

Of course BeReal has some questionable features as well. If you make your profile public, there is no end to who could see your photo or what reaction they could send you via Realmoji. This opens up the normal social media downfall of trolling and bullying. But posting publicly, you have no clue who is seeing your posts which opens up the door to someone taking screenshots of your content. Similarly to Snapchat, BeReal will show exactly who has screenshotted your post, but that doesn’t delete it from their device. Another questionable feature of BeReal is the reporting. There is no currently available option to report a post with specific detail, you are just prompted with the simple ‘it’s undesirable’ or ‘it’s inappropriate’. Just like any other social media website/application it is almost virtually impossible to moderate the content being shared, so you have the possibility of seeing explicit/inappropriate content shared by the public.

Saving the best feature for last, BeReal (similarly to Snapchat) has a geotagging feature. As long as the app has access to your location settings, it will share your EXACT location on a map immediately with your post. With the setup of this app, you can not post an experience later when you get home and tag your previous location. You are sharing within a two minute window exactly where you are. This is a very large safety concern for many users, and for many parents of younger users.

Investigating BeReal

So what does this mean for investigators? This is another app to be keeping your eyes on when looking into a subject. You can search for specific people through BeReal, but the catch is that you can only see people’s content if you post yourself. Usually within investigations, you are wanting to capture something from someone’s online presence. Since the app is only available on an android or iPhone, capturing a post without being seen is difficult due to their screenshotting feature. It has been posted online that there is no way for users to know if you have taken a screen recording of someone’s post, which proves to be helpful for investigators but a slight safety issue for the users. So what do you think? Is BeReal setting a standard for the future of social media? Only time will tell.

The Tumblr Comeback

There has been unrest in the world of social media since well known social media and networking site Twitter was purchased by billionaire Elon Musk. Many users are unhappy with the changes that are being brought to the site and are realizing that they will most likely have to share their thoughts, opinions and ideas in a new way on a new platform… And that platform just happens to be Tumblr.

Tumblr was founded by David Karp in 2007, following the recent launch of Twitter in 2006 and Facebook in 2004. The site was built to be a simple microblogging social media platform, but with the feature of being able to share multiple forms of media. Tumblr users could design their own page, posting and sharing videos, pictures, GIFs and text posts. The site quickly gained popularity and by 2013 had seventy-three million accounts. By this time Tumblr was acquired by Yahoo! Inc for 1.1 billion dollars.

For those who never used Tumblr, the site was known to be “whatever you want it to be”. There were no limits on what you could share and or how you shared it and this idea attracted quite the mixing pot of users. The site quickly became ‘fandoms homeland’ according to Mashable. Users got to write fan fiction, share illustrations, clip down moments from shows or movies and repost them out of their original context to fit whatever fantasy they wished.

With this mindset of being free to post whatever you wanted came the infiltration of pornography on the site. Pornography workers who didn’t fit industry standards at the time made their way over to tumblr and grew their fame and following by blogging and sharing explicit images or videos. Tumblr became a site where people freely shared their sexuality, creating and sharing NSFW illustrations, fetish art/pornography, queer erotica and so much more. The layout of Tumblr is unlike the social media layouts we see today. Users do not receive curated feeds based on what the algorithm thinks you would like to see, Tumblr users follow hashtags, keywords and follow pages that are similar to their own, creating a tight-knit community of people just like you.

In 2018 Tumblr saw a major change… Apple removed the app from their app store due to rumors of child pornography being shared on the site. In response Tumblr took action and banned adult content from the app completely. Immediately the users who found fame on the platform began leaving and finding new ways to share their content. The platform relied on digital tools to hand pick the banned content, and of course there were issues. Explicit content was being missed while other content began being flagged even though it didn’t contain anything against guidelines, resulting in even more people abandoning their accounts and fleeing to different social platforms.

This brings us full circle to 2023 where the phrase ‘tumblr comeback’ is being tossed around on the profiles of unsatisfied Twitter users. The millennials that originally had accounts on Tumblr are searching for a new platform to share their thoughts in text form and not in the form of a TikTok video, which is leading them back to Tumblr. Gen Z is also finding their way to Tumblr for the first time. Tumblr, now owned by Automattic, a parent company of WordPress, reports that 61% of their new users are a part of the Gen Z demographic. Also reporting that 48% of the site’s users are Gen Z as well.

The site remains the third most popular blogging site in the US, Canada and the UK, although users had left it in the dust for so many years. Many people don’t believe that Tumblr will ever become relevant again and will crumble as MySpace did, but users are beginning to prove them wrong. Though the site has a long way to go before competing with the Twitter universe, they are an attractive FREE alternative. Heading into 2023, the site has once again lifted their ban on nudity saying in a blog post “we now welcome a broader range of expressions, creativity and art on Tumblr, including content depicting the human form (yes, that includes the naked human form). Only time will tell if users will continue to abandon the sinking ship that is Twitter and find their way over to Tumblr, whether they are a first time user or are returning back to their beginnings. Either way, we may be seeing a Tumblr comeback.

Fake Profiles & Online Impersonation

When watching my local news the other evening, I heard of a case that really surprised me. A Town Commissioner of a small town in North Carolina, disagreed with his fellow board members over a specific topic. So much so, that he decided to create a fake Facebook profile and use it to harrass and argue with residents. Later, he admitted using a Charlotte area businessman’s real name & real profile picture. The surprising part of this is that we expect this from scammers, but not someone who would be sitting on a board of a city or town. It seems that these days, anything is possible. Being proactive is a must.

Online Impersonation Tricks

Facebook Marketplace: Fake ads on the site have become a real problem. Some of the ads look like they are from legitimate businesses such as Home Depot, Lowes, etc.. They make the post look very real, using lots of pictures. The Better Business Bureau says the fake ads are common and they get thousands of complaints each year. “Impersonation is one of the key factors of what scammers love to do,” Sarah Wetzel of the BBB said. “They love to impersonate those well-known companies because that way they already have a foot in the door with the consumers.”

Source: Digital Information World

2. Rental Scams: Scammers ( who operate anywhere in the world ) can advertise a fake rental online. Next, they add a sense of urgency to attempt to get a deposit on the property. They will use excuses as to why they can not meet you in person. They also make sure to tell you that several people are looking at the property. Nationally, over 230 rental scams have been reported this year, up from the same time last year. Victims report losing an average of $550.

Better Business Bureau offers these tips:

Do an online search for the landlord’s email and phone number. If the same ad is listed in other cities, that’s a red flag.
If you can’t see the property in person, try to find someone you trust to go and confirm the unit is what’s being advertised online.
Don’t fall for deals that are too good to be true. If a unit is well below market rate or promising extra amenities than normal, it could be a red flag.
Be wary of required payments through cash transfer apps. Peer to peer apps are meant to be used with people you know.

Use the Better Business Bureau’s scam tracker as a tool to both report and prevent scam.

3. Catfishing: When someone creates a fake identity online for the purpose of starting a relationship. They then use this as a way to gain interest and confidence so they can scam the person out of money. Social Catfish is a software company that works to help people who believe they have been the victim of catfishing. It is one of the many software platforms we use at eChatter when conducting online research. They also have a great reverse image tool within the platform.

Impersonation of a Business

This is sometimes called Domain Spoofing. When done correctly, it can damage a business’ reputation while scamming consumers who fall for their pitch. All while impersonating the business. Two of the most common ways is cybersquatting and typosquatting.

Cybersquatting: Scammers use already established business websites and copy them to look just like the real website. They then sell counterfeit products.
Typosquatting: Scammers register a domain name similar to that of the legitimate business. They purposely use typo errors to change it but at first glance, people take it as the legitimate company’s website. This is sometimes used to redirect someone to a competitor’s website or try to collect ad revenue.

This just scratches the surface of the many ways scammers use the web and social media. It is a subject we will continue to write about in the future, so check back often for updates.

Adults Contacting Minors Online

Adults contacting minors online for the purpose of sextortion or meeting up for sex continues to be a big problem. Federal investigators believe there are more than 500,000 online predators active each day and they all have multiple online profiles. The ACM’s (Adults Contacting Minors) attempt to groom their minor victims, one step at a time. They start by making a connection. Next, they spark conversation, and then try to lure them in by sending a provocative photo of themselves. For most, the end goal is to meet for sex. In some cases, they are satisfied by either video chats or even exchanging of photos. More than 50% of victims are ages 12 to 15 and 89% of victims are contacted by a predator through a chatroom and instant messaging.

Most ACM’s have a level of confidence in this because currently it Is underreported. There is a sense that the ACM is “anonymous” online with no way to find out who he really is. This makes it almost impossible to catch them. With the help of great organizations like SOSA (Safe From Online Sex Abuse), whose goal it is to raise awareness and combat abuse, they are making some headway.

Recently the organization created a documentary on this subject that every parent should watch. It is called Undercover/Underage. Roo Powell is on a mission to expose the dangers of and prevent online child sex abuse. She works together with her nonprofit group, SOSA to set up aliases to engage with child predators. She works with law enforcement and professionals in the field. Over the course of the documentary, Roo transforms herself into several 15–16-year-old personas. It is no easy undertaking to make 30-year old’s look (Roo) and act like a 15-year-old minor. However, she pulls it off. She has done her research and understands the behavior, likes/dislikes of an average teen.

Alias Creation (aka Sock Puppets)

Setting up and creating a fake profile requires a lot of upfront work. Because this may lead to a video meeting or even an in-person meeting, everything must jive. Using the same username is critical across all platforms.
Creating a community of “friends” to make the profile look believable.
Photos – hiring a professional photographer who specializes in photo editing. The photographer in the documentary works in the fashion industry and is great at identifying and removing any age regressing features. The goal is to make her look like a teenager.
The use of hashtags is very important. Teens will use hashtags – #freshman, #15yearsold, #mixedgirl, #daddyissue, etc. The more the better to get the right kind of attention online.

OSINT Work

One thing that I found to be interesting as I watched the documentary, is how the team used OSINT techniques every step of the way. They used the “Leave no stone unturned” strategy to try to ID the guy. In one episode, the ACM loved to talk about himself. He talked about his work history, his hobbies, the fact that he has 4 kids, etc. The team is shown searching all of it to connect the dots and find out information about this guy online. He’s a pro however- he knows what he is doing and is careful. Just one small little crumb could be enough to point them in the right direction. The average person has no idea how much information is housed on the web. It could be an old press release that has been forgotten about that names him. Or it could be an obituary of a deceased relative that includes the name of the ACM. Anything is possible and that is why it is important to take the time needed to search.

The group also uses Honey Pot computing to lure in the ACM. A honeypot is a decoy computer system for trapping hackers or tracking unconventional or new hacking methods. In this case it is being use as a lure to try to identify the ACM’s IP address. For this case, it is being populated with the teen girl persona’s photos, poetry, etc. On the backend of the site there is an activity log. This lists out the visitors of the site. From that IP address, one may be able to identify the location of the ACM, if they do not use a VPN of course.

Keeping Up With the Apps

It makes sense that teens are more inclined to use apps. Apps allow users to share photos and videos with their friends through their mobile device. The documentary mentions a few sites/apps you may not have heard of before.

boardgamegeek.com :This site’s database has more than fifty thousand board games along with their developers and players. The games themselves are linked to users through lists called GeekLists, along with owned/played/wanted etc. connections, ratings, reviews, session reports, and so on. It has a forum which has some search capabilities. Good to keep in mind if your subject is a gamer. Search by location and then by name.

Online chat groups, Message apps, Gaming apps, make it easy for a predator to make a connection with a minor online. Interactions can easily escalate to “sextortion”, in which minors are coerced into sending explicit imagery of themselves. According to a New York Times recent article titled, “How to Protect Your Children From Online Predators”, the following are the ones to watch closely

In summary, the team uses outstanding critical thinking skills along with online research to try to identify the ACM’s. Some fall through the cracks, but in some cases, she does provide enough evidence to law enforcement to “take it from there”. It is not an easy task, and it really takes a thick skin and a strong stomach. Some scenes show Roo emotionally drained from the experience of playing out conversations with child predators. But in the end, it is her deep desire to help the kids. If she can get one or two arrested, she has done what she set out to do.