As always, credit where credit is due. Thank you very kindly to John Munoz whom, once I clarified the situation on his blog, moved very quickly to correct the information.
It is now up to the search engines to do their work for those hits.
Techonology, identity and other musings
As always, credit where credit is due. Thank you very kindly to John Munoz whom, once I clarified the situation on his blog, moved very quickly to correct the information.
It is now up to the search engines to do their work for those hits.
So at this point I would like to record where the negative results (due to the credit card and identity theft) are turning up so I can track how well the good results are percolating up. I should have started tracking these earlier as I’ve already had 1 reference successfully removed (it no longer shows up in any of these search engines), and some new pages I’ve created have shown up in the top 3 pages.
Page 1: bad results at #5,7 (out of 10)
Page 2: #1, #7
Page 3: #5, #10
Page 1: result #6, #9 (out of 10)
Page 2: result #4, #9, #10
Page 3: result #3, #6
page 1: result #6, #9 (out of 10)
page 2: result #4, #9, #10
page 3: result #3, #6
page 1: result #1, #5 (out of 10; excluding my ads inserted between 1 & 2, and at the end. The abandoned blog beats my ad!)
page 2: result #5
page 3: result #1
page 1: result #5, 6, 7, 11, 21 out of a total of 28 results. Clearly I’m not popular enough on duckduckgo.
I still have my work cut out for me!
Part of the point of this blog itself of course is to improve the quality of information that exists online about me, and outweigh the misinformation brought about by the identity theft incident. As a part of ensuring that this blog remains well ranked, I am trying to submit it to all major engines that accept submission – Google, Bing, Yahoo, Ask; some of which required me to put an authentication file in the root of the web server. A secondary part is including a sitemap.xml file for pre-indexing information. I have installed a plugin to WordPress to see if that will do the job automatically rather than me having to generate one separately and then upload it. Conveniently, the plugin advertises itself in the sitemap.xml file it generates.
So I thought I would try the simplest (or apparently simplest) approach first. Ask people nicely to remove my name – not their article as their work has much value as an example of what to look out for in spam that might indicate phishing attacks. The more information out there about not trusting every detail of unsolicited email from strangers (even if they purport to be from familiar places), the better.
I decided on the top 4, which covered the first 3 pages of google results. A blogspot blog, and 3 personal blogs. Here is what has happened with them so far. Bad news first.
The Blogspot blog appears to be abandoned. The post containing my name is the last post on there, and it is now 7 months later. While I have asked on there to have my name removed, I doubt it will have much impact, but I shall try again. Asking the hosting service to edit or remove the page isn’t an option at this point. Blogger is owned by Google, and as such will only take down pages if there is a matching court order. I will pester again. Sadly, this is a very prominent result.
One blog allowed me to submit an email to the author, however, it then disappeared in to a black hole. I will have to bug this one again.
One blog had no way of contacting them at all. I tried to guess email addresses but they all bounced or were undeliverable. I will need to rethink this one.
The one that worked….
So one of the bloggers I contacted understood immediately, and removed my name, replacing it with the word ‘redacted’. Perfect! Of course this now needed Google to know about the change, so luckily he had a sitemap.xml already present, so I could just add a bit of link juice and after about a week it was updated and no longer showing. Thank you Geoff Fox for appreciating the situation, and responding so quickly!
So the first step to drawing up a plan of attack is to work out what is the outcome I am after.
So what do I want?
It would be awfully convenient if none of these pages ever turned up again, but that isn’t going to happen and may not even be what I want.
My primary goal is to ensure that if my name is searched on any major search engine, the first 2-3 pages of hits do not associate me with any of the negative fallout of having my name misappropriated. Once that has been achieved, I can see whether I can do better than that.
As I mentioned previously, I do want the bulk of the information in these pages to remain available, but without the reference to my misappropriated details. For brevity, I’ll refer to these negative references caused by the abuse of the misappropriated details as “the fallout”.
So then what are the possible angles of attack to recover my name?
Where do I want these removed or rank lowered?
So now that I have an indea of what it is I want to achieve, what are my options?
Based on feedback from my very good friends, there are a few things I will try.
As I implement these, I will write up caveats, hits, misses and take on any extra ideas from you!
The Situation
In February this year, my Credit Card details were stolen. I received a phone call from Citibank identifying a fraudulent transaction (kudos to them!). I confirmed this, the card was cancelled and replaced, and the money re-credited. I also found another transaction on there at about the same time, where someone had purchased something from a Russian domain registrar. I was surprised at the time about how much you could spend at the registrar, but I filled out the paperwork for Citibank, had the money re-credited immediately, and all was right with the world. Or so I thought.
The Fallout
So it turns out that my credit card details were used to register a lot of websites. These websites were used as some kind of presumably honeypot scams via email spam, directing them to dodgy URLs offering free upgrades to Skype and Adobe products. How do I know this? My name is rather rare (I suspect unique world-wide), so when I Google searched my name a little while ago, rather than seeing a list of interesting and good deeds I may have done, I saw websites like “stupid scammers” come up. Now I’m very much in favour of these sites remaining up, because I would like people to be generally aware of such scams and be able to easily identify them as such. What adds insult to injury for me is that not only did the scammers use my stolen credit card to pay for the domain name registration, they also used my name as the technical contact, administrative contact and company name. This means that when people went to investigate the scam sites using whois, my name came up.
Why do I care?
At the moment I am looking for work, and so my Google search profile is very important to me. I would like the first impressions to be good. So when I started checking in to my current profile and found my good name to be associated with these scams above any other things that I’ve done, I was less than impressed. Secondly, as an IT professional, these scams are particularly badly done and make me look bad in my own field of broader expertise.
How do I know that every time I apply for a job, someone isn’t Google searching my name and ruling me out just-in-case? I want to reclaim my name.
What am I doing about it?
I”ll be trying quite a few options, and I’m also soliciting other ideas from the internet at large (that includes you!) I do not expect this to be a fast process, but something I want to see how far I can get; with the intent of sharing my experiences and what to do if the same thing happens to you. I will also look at issues around Bing and sites like Pipl, but luckily the stupid scammer stuff is buried much deeper on those.