What Is “Sexting?”

When people take a sexually revealing picture or video of themselves and send it or them as text message attachments, it’s called “sexting.” And recently the practice has been increasing exponentially amongst kids. Kids “sext” to show off, to entice someone, to show interest in someone, or to prove commitment. The problem with that, is that the moment the relationship ends (and most of them do) someone is in possession of a highly compromising image that can be easily posted on a social networking site or sent around via email or text.

There have been some high profile cases of sexting — including High School Musical star Vanessa Hudgens, who sent a nude picture to her co-star/boyfriend, Zac Efron, that ended up all over the Internet and made headlines. And in July 2008, Cincinnati teen Jesse Logan committed suicide after a nude photo she’d sent to a boyfriend was circulated widely around her high school, resulting in harassment from her classmates.

Why It Matters

In a technology world where anything can be copied, sent, posted, and seen by huge audiences, there’s no such thing as being able to control images. Even if a photo was taken and sent as a token of love, the intention doesn’t matter — the technology makes it possible for everyone to see your child’s most intimate self. And in the hands of teenagers, when revealing photos are made public the subject almost always becomes the object of ridicule and name calling. Furthermore, sending sexual images to minors is against the law, and some states in the US and the UK have begun prosecuting kids for child pornography or obscenity.

Advice for Parents

Don’t wait – for an incident to happen to your child or your child’s friend before you talk to your kids about the consequences of sexting. Sure, talking about sex or dating with teens can be really uncomfortable, but better to have the talk before the fact.

Remind them – that once an image is sent, it can never be retrieved — and they will lose control of it. Ask teens how they would feel if their teachers, parents, or the entire school saw the picture, because it happens all the time.

Talk about pressures – to send revealing photos. Let teens know that you understand that they can be pushed or dared into sending something. Tell them that no matter how big the social pressure is, the potential social humiliation will be hundreds of times worse.

The buck stops with them. If someone sends them a photo, have them delete it immediately. Better to be part of the solution than the problem. Besides, if they do send it on, they’re distributing pornography — and that’s against the law.

If you can’t deal with this, have your kids go to a professional that can help (and you should go yourself).

Statistics

• 22% of teen girls and 20% of teen boys have sent nude or semi-nude photos of themselves
• 22% of teens admit that technology makes them personally more forward and aggressive
• 38% say exchanging sexy content makes dating or hooking up with others more likely
• 29% believe those exchanging sexy content are “expected” to date or hook up

Remember; revealing photos can be resent to a vast audience. If the person you or a kid sends an explicit image via mobile phone, or even email. These can be forwarded to someone else, and before you know it, the content is uploaded online or passed between peers and sending a sexual image to a minor, even minor to minor is illegal.

Evidence

As a parent, you may be worried what your kids are sending to each other. Where do your ethics come in to play regarding a kids privacy? Sometimes drastic measures will force you to intervene in a child’s life and development and for his or her protection.  For the worried parent there is software available that will help you. MOBILedit is a Forensic Application that works will all mobile phones and PDAs and requres a data cable (one of these usually comes with a new phone as standard, if not, they are cheap to buy).

MOBILedit is quite costly, but the trial is fully functional and will allow you to use the application for a short time. Which will be all you need to gather the information you need. This software can also be used to read test (SMS) messages from both sides of the conversation. This is useful if your child is being bullied, or is indeed a bully him or herself. The application can be used for many predicaments you and your child may come across, and a way of proving facts.

Do not use this software as just a spying tool, this would be unfair and you would be infringing on privacy issues if you have no just cause, so please use this software wisely. You can download the trial below.

We all know how fun Twitter can be. Many people have fallen in love with this micro blogging site, and don’t really see anything that could go wrong. After all, who needs Twitter safety tips against a cute, bird logo?

Well, don’t be too caught up in your Twitter postings that you forget your safety. Remember that the Internet is still a prime target market for sexual predators, stalkers, fraudsters, scammers, hackers and people who want to do others harm. You might need these Twitter safety tips more than you realise, especially if you have just started to use twitter.

Just the other day, I chanced upon this TV interview of a young, popular actress who pointed out that someone has set up an account on Twitter, pretending to be her which leads me to…

Twitter Safety Tip # 1:  Don’t believe everything you read

Have we not learned from the past? The Internet, while not harmful by itself, is still a haven for individuals and groups that are up to no good.

After all, who can say that a 50-year-old pervert isn’t a cute, 15-year-old student from London when he sounds just like a 15-year old student from London? And that picture of him in that blue shirt just backs it up, right?

If you are inclined to believe this, then you need this Twitter safety tip more than anyone else. People who want to befriend you can easily make up lies on Twitter. Don’t think for a second that they wouldn’t take the time and effort to prattle away about their non-existent boring Algebra classes and upcoming winter dance if it meant making themselves more convincing.

Be aware that there are many fake profiles on twitter. Learn how to spot them. Firstly, you’ll notice that they have not posted much, and with links being shortened, its hard to see if your being sent to a real site or a dodgy site where you will be prone to a clickjacking attack/scam. Other things too look out for are the following and followers. Usually you can tell by looking if this is a real person or a fake. Also keep away from people sending tweets from API. Scammers/Spammers also follow each other, and may converse between themselves to make it look like they have actual friends. Be wary. A quick example of clickjacking. Click this link (its safe), but its shows you how an easy link can be spoofed.

The most common looking fake profile with low followers

Automated tweets from the Twitter API - Block these people

If you want to follow a celebrity, I suggest you look for the new Twitter Verified Account tag that’s added at the top right of a profile, and check out Valebrity for a huge list of validated celebs.

An official Verified Account

Last bits on this subject, there are lots of automated scripts out there that create fake profiles, bots that create fake posts and user accounts. So if you are unsure that this is a real person, do some investigating and look at their followers and see if any of them has ever had a proper conversation with this possible ‘fake’. If in doubt, don’t follow them back and block them.

A typical fake Profile. Notice there's no conversation, and low followers

Also beware of tweets and websites that claim Get 160,000 followers in a month, or words like that. Firstly, they don’t work, and secondly they are probably a scam.

Why? Well, once you click a link, you are directed to a website where you enter your Twitter login details. Now the scammers/spamers can send tweets from your account. Also, they may flood Twitter with thousands of messages. Twitter hates this and it will get your account locked and possibly deleted. If this happens and you still have access to your account, change your password immediately.

When visiting any website that is not directly affiliated or endorsed by twitter, be very careful when submitting your account details. You never know who owns the website or what they are using it for, so do some research first. Check the whois information for the site (this can also be faked), search twitter to see if other people are using the site (or even an app) and see if they seem to be sending spam tweets. If all is clear, then they are probably OK.

Never pay for a service that links to Twitter.

Twitter Safety Tip # 2: Don’t give out your location

I know that micro blogging is fun. There’s just something addicting about being able to post what you’re doing or what you’re feeling at this exact moment… and having hundreds, possibly thousands of followers seeing it.

If you have added people in Twitter who are not really your friends, then all the more reason to be careful. If you, for example, tweets that you’re stuck in the Starbucks near your home late at night, anyone could just take advantage of that information. Its only a matter of time until you turn on the TV and hear that someone is being stalked or has been attacked or murdered because they twitted their exact location, so be warned.

Lastly on this location tip. Be careful if you are using an iPhone and turn on the Location Option. It looks like this in a persons profile: 37.739705,-122.430799 and gives you the longitude and latitude of a persons iPhone. This can be used to track you. So turn this feature off.  In a test, I activated this feature on an iPhone with Twitterrific. With a laptop and mobile phone enabled with GPS Software I travelled miles away from home, where I left the iPhone switched on. I activated the Laptop and GPS, loaded my Twitter page and got the coordinates. I entered them into the GPS system and navigated the route to 20 meters from my doorstep. Anyone could do this with just a laptop and GPS Enabled phone. You can also go to Google Maps and copy and paste the longitude and latitude, this will also give the location. And with Street View, you can probably see where that person lives.

Twitter Safety Tip # 3: Don’t attract too much attention to yourself

Twittering that you have just received a gold bracelet from your boyfriend can also attract the wrong sort of followers to your account. Trust should not be so freely given on the Internet.

You might want to show it off on Twitter via TwitPic or some other image provider or host, but think about the possible risks. It might tempt others into doing something both you, and they, will regret.

As much fun as Twitter is, set a limit on how much private information you’re really broadcasting to the world. Many of you may be thinking, ‘yeah, whateverrrr’, or ‘yeah OK, this will never happen to me’. But never forego you’re safety,  and never let your guard down on the Internet. If you do, you’re a fool!

More protection…

When using twitter, I’d suggest using a 3rd party application like TweetDeck (which is my favorite twitter app) or CoTweet (which is my second fave). The reason for using a 3rd party application is that it uses Twitters API (Application programming interface) and you are less likely to get a trojan or virus from clicking on a users infected profile. Yes! You can also get a Trojan or Virus from using Twitter. A while back, Twitter was plagued by the ‘Mikeyy Worm‘ that infected you if you clicked on a profile that had been compromised by the Mikeyy worm. Incidentaly, the Mikeyy worm was actually written by Michael Mooney, a 17 year old kid and it crippled millions of Twitter accounts.

You can keep track of attacks on twitter here. And if you would like to report suspicious activity, a spammer or something that doesn’t look right, follow twitters Spam Team and then send them a tweet with your problem: http://twitter.com/spam and they should help. Also, if you have any real issues and you need support from Twitter, visit their ticketing system.

Twitter is not perfect and is riddled with security holes, and more are being discovered or exploited daily. For a platform that’s almost over 3 years old, the boffins at Twitter really should plug these holes, tighten up security and keep people safer. Don’t let this spoil your twitting experience though. As long as you keep safe whilst on twitter, and learn how to spot the fake profiles, you’ll have a great time.

If you have any Twitter tips you would like to share with us, please comment below and at some point I will include these in a list, and credit you.

Lastly, check out Sharon Hays’ Blog for tons of Twitter information. She’s a pure Twitter professional, lovely person and her blog will help you get used to Twitter if you are new. Also, checkout Twitter 101 for some excellent information.

Recent Twitter Bots/Scammers

I will update this section of this post as new scams, bots and strategies change, so keep popping back for updats…

You will notice that they are now having conversations. But with other bots and they use rubbish English like ‘Howz U doin‘,  ‘I did dat last wk‘ and so on. If you click on the people they are following, you will notice the same bad grammar and spellings. Some of these new spammers are also now mimicking or pretending to be up and coming actors/actresses and celebs.

3rd Party Application Spam

I’ve noticed that spammers are now creating profiles and posting tweets via TweetDeck and CoTweet as well as TwitterFeed. Again, there is no real conversation and the posts are riddled with useless links and random tweets. You may also notice that the spammers and bots are now using lists to make them look like normal people. Be wary.

New fake profile using TweetDeck and using Lists

True Twit

This is not a danger, but I wanted to update you with this cool utility. If you are plagued by Twitter spam (or Twam) and you have had enough, you can try True Twit. True Twit has been around a while now and what it does is to verify anyone following you. So, if for example, I follow you, I’m sent a DM to click a link to verify that I am in fact a cool human being and wants to follow you because I think your cool. I don’t have to enter any of my Twitter details either.

True Twit - Helping stop Twitter Spam

True Twit also has a few neat options behind the scenes, where you can send a verification note to anyone on your list to whom you think may is a spammer or may have a fake profile, they are then sent a DM to verify themselves. The message that is sent is customisable, or you can use the default message. You can also unfollow people too. Signup today and help stop the spam.

http://www.truetwit.com.

Stay tuned for more info…

The lack of sensory information on the Internet (like too many adults,  teenagers and younger kids with a Facebook or Myspace page or Twitter account) may have a significant impact on cyberstalkers,  “The absence of sensory-perceptual stimuli from a real person means that fantasy can play an even more expansive role as the genesis of behavior in the stalker.” The victim becomes an easy target for the stalker’s projections, and narcissistic fantasies, that can lead to a real world rejection, humiliation and rage.

One of the most prominent features of stalking behaviour is fixation on victims. Their obsession can drive stalkers to extremes that make this type of investigation challenging and potentially dangerous. Although stalkers who use the Internet to target victims may attempt to conceal their identities, their obsession with a victim often causes them to expose themselves. For instance, they may say things that reveal their relationship with or knowledge of the victim, or they may take risks that enable investigators to locate and identify them. However, even when stalkers have been identified, attempts to discourage them can have the opposite effect, potentially angering them and putting victims at greater risk.

In 1990, after five women were murdered by stalkers, California became the first state in the US to enact a law to deal with this specific problem. Then, in 1998, California explicitly included electronic communications in their anti-stalking law. The relevant sections of the California Penal Code have strongly influenced all subsequent anti-stalking laws in the US, clearly defining stalking and related terms.

Any person who willfully, maliciously, and repeatedly follows or harasses another person and who makes a credible threat with the intent to place that person in reasonable fear of death or great bodily injury is guilty of the crime of stalking … “harasses” means a knowing and willful course of conduct directed at a specific person that seriously alarms, annoys, torments, or terrorizes the person, and that serves no legitimate purpose. This course of conduct must be such as would cause a reasonable person to suffer substantial emotional distress, and must actually cause substantial emotional distress to the person.

… “course of conduct” means a pattern of conduct composed of a series of acts over a period of time, however short, evidencing a continuity of purpose … “credible threat” means a verbal or written threat, including that performed through the use of an electronic communication device, or a threat implied by a pattern of conduct or a combination of verbal, written, or electronically communicated statements and conduct made with the intent to place the person that is the target of the threat in reasonable fear for his or her safety or the safety of his or her family and made with the apparent ability to carry out the threat so as to cause the person who is the target of the threat to reasonably fear for his or her safety or the safety of his or her family. It is not necessary to prove that the defendant had the intent to actually carry out the threat… “electronic communication device” includes, but is not limited to, telephones, cellular phones, computers, video recorders, fax machines, or pagers.” [California Penal Code 646.9]

The equivalent law in the United Kingdom is the Protection from Harassment Act 1997 (Chapter 40).

Note that persistence is one of the operative concepts when dealing with stalking. A single upsetting e-mail message is not considered harassment because it is not a pattern of behavior. Remember that anti-stalking laws were enacted to protect individuals against persistent terrorism and physical danger, not against annoyance or vague threats.

The distinction between annoyance and harassment is not easily defined. It is usually enough to demonstrate that the victim suffered substantial emotional distress. However, there is always the argument that the victim overreacted to the situation. If a victim is not found to be a “reasonable person” as described in the law, a court might hold that no harassment took place. Therefore, when investigating a stalking case, it is important to gather as much evidence as possible to demonstrate that persistent harassment took place and that the victim reacted to the credible threat in a reasonable manner.

The explicit inclusion of electronic communication devices in California’s anti-stalking law is a clear acknowledgement of the fact that stalkers are making increasing use of new technology to further their ends. In addition to using voice mail, fax machines, cellular phones, and pagers, stalkers use computer networks to harass their victims. The term cyberstalking refers to stalking that involves the Internet. This chapter briefly describes how cyberstalkers operate, what motivates them, and what investigators can do to apprehend them.

How Cyberstalkers Operate

Cyberstalking works in much the same way as stalking in the physical world. In fact, many offenders combine their online activities with more traditional forms of stalking and harassment such as telephoning the victim and going to the victim’s home. Some cyberstalkers obtain victims over the Internet and others put personal information about their victims online, encouraging others to contact the victim, or even harm them.

CASE EXAMPLE (ASSOCIATED PRESS 1997):

Cynthia Armistead-Smathers of Atlanta believes she became a target during an e-mail discussion of advertising in June, 1996. First she received nasty e-mails from the account of Richard Hillyard of Norcross, GA. Then she began receiving messages sent through an “anonymous remailer,” an online service that masks the sender’s identity.

After Hillyard’s Internet service provider cancelled his account, Ms Armistead-Smathers began getting messages from the Centres for Disease Control and Prevention in Atlanta, where he worked. Then she got thousands of messages from men who had seen a posting of a nude woman, listing her e-mail address and offering sex during the Atlanta Olympics.

But police said there was little they could do – until she got an anonymous message from someone saying he had followed Ms Armistead-Smathers and her 5-year-old daughter from their post office box to her home.

People say “It’s online. Who cares? It isn’t real. Well this is real,” Ms Armistead-Smathers said. “It’s a matter of the same kind of small-minded bullies who maybe wouldn’t have done things in real life, but they have the power of anonymity from behind a keyboard, where they think no one will find them.”

In general, stalkers want to exert power over their victims in some way, primarily through fear. The crux of a stalker’s power is information about and knowledge of the victim. A stalker’s ability to frighten and control a victim increases with the amount of information that he can gather about the victim. Stalkers use information like telephone numbers, addresses, and personal preferences to impinge upon their victims’ lives. Also, over time cyberstalkers can learn what sorts of things upset their victims and can use this knowledge to harass the victims further.

Since they depend heavily on information, it is no surprise that stalkers have taken to the Internet. After all, the Internet contains a vast amount of personal information about people and makes it relatively easy to search for specific items. As well as containing people’s addresses and phone numbers, the Internet records many of our actions, choices, interests, and desires. Databases containing social security numbers, credit card numbers, medical history, criminal records, and much more can also be accessed using the Internet. Additionally, cyberstalkers can use the Internet to harass specific individuals or acquire new victims from a large pool of potential targets. In one case, a woman was stalked in chat rooms for several months, during which time the stalker placed detailed personal information online and threatened to rape and kill her. Some offenders seek victims online but it is more common for stalkers to use chat networks to target individuals that they already know.

Acquiring Victims

Past studies indicate that many stalkers had a prior acquaintance with their victims before the stalking behavior began (Harmon et al. 1994). The implication of these studies is that investigators should pay particular attention to acquaintances of the victim. However, these studies are limited because many stalking cases are unsolved or unreported. Additionally, it is not clear if these studies apply to the Internet. After all, it is uncertain what constitutes an acquaintance on the Internet and the Internet makes it easier for cyberstalkers to find victims of opportunity.

Cyberstalkers can search the Web, browse through Windows Live Messenger (MSN), Skype, Digsby, Yahoo, ICQ and AOL profiles, and lurk in Yahoo, IRC and AOL chat rooms looking for likely targets – vulnerable, under-confident individuals who will be easy to intimidate.

CASE EXAMPLE: One stalker repeatedly acquired victims of opportunity on AOL and used AOL’s Instant Messenger to contact and harass them. The stalker also used online telephone directories to find victims’ numbers, harassing them further by calling their homes. This approach left very little digital evidence because none of the victims recorded the Instant Messenger sessions, they did not know how to find the stalker’s IP address, and they did not contact AOL in time to track the stalker.

Of course, the victims were distressed by this harassment, feeling powerless to stop the instant messages and phone calls. This sense of powerlessness was the primary goal the cyberstalker. This stalker may have picked AOL as his stalking territory because of the high number of inexperienced Internet users and the anonymity that it affords.

As a rule, investigators should rely more on available evidence than on general studies. Although research can be useful to a certain degree, evidence is the most reliable source of information about a specific case and it is what the courts will use to make a decision.

Anonymity and Surreptitious Monitoring

The Internet has the added advantage of protecting a stalker’s identity and allowing a stalker to monitor a victim’s activities. For example, stalkers acquainted with their victims use the Internet to hide their identity, sending forged or anonymous e-mail and using ICQ or AOL Instant Messenger to harass their victims. Also, stalkers can utilize ICQ, AOL Instant Messenger, and other applications (e.g. finger) to determine when a victim is online. Most disturbing of all, stalkers can use the Internet to spy on a victim. Although few cyberstalkers are skilled enough to break into a victim’s e-mail account or intercept e-mail in transit, a cyberstalker can easily observe a conversation in a live chat room. This type of pre-surveillance of victims and amassing of information about potential victims might suggest intent to commit a crime but it is not a crime in itself, and is not stalking as defined by the law.

Escalation and Violence

It is often suggested that stalkers will cease harassing their victims once they cease to provoke the desired response. However, some stalkers become aggravated when they do not get what they want and become increasingly threatening. As was mentioned at the beginning of this chapter, stalkers have resorted to violence and murder. Therefore, it is important for investigators to be extremely cautious when dealing with a stalking case. Investigators should examine the available evidence closely, protect the victim against further harm as much as possible, and consult with experts when in doubt. Most importantly, investigators should not make hurried judgements that are based primarily on studies of past cases.

Investigating Cyberstalking

There are several stages to investigating a cyberstalking case. These stages assume that the identity of the cyberstalker is unknown. Even if the victim suspects an individual, investigators are advised to explore alternative possibilities and suspects. Although past research suggests that most stalkers have prior relationships with victims, this may not apply when the Internet is involved since stranger stalking is easier. Therefore, consider the possibility that the victim knows the stalker, but do not assume that this is the case:

Interview victim – determine what evidence the victim has of cyberstalking and obtain details about the victim that can be used to develop victimology. The aim of this initial information gathering stage is to confirm that a crime has been committed and to obtain enough information to move forward with the investigation.

Interview others – if there are other people involved, interview them to compile a more complete picture of what occurred.

Victimology and risk assessment – determine why an offender chose a specific victim and what risks the offender was willing to take to acquire that victim. The primary aim of this stage of the investigation is to understand the victim-offender relationship and determine where additional digital evidence might be found.

Search for additional digital evidence – use what is known about the victim and cyberstalker to perform a thorough search of the Internet. Victimology is key at this stage, guiding investigators to locations that might interest the victim or individuals like the victim. The cyberstalker initially observed or encountered the victim somewhere and investigators should try to determine where. Consider the possibility that the cyberstalker encountered the victim in the physical world. The aim of this stage is to gather more information about the crime, the victim and the cyberstalker.

Crime scene characteristics – examine crime scenes and cybertrails for distinguishing features (e.g. location, time, method of approach, choice of tools) and try to determine their significance to the cyberstalker. The aim of this stage is to gain a better understanding of the choices that the cyberstalker made and the needs that were fulfilled by these choices.

Motivation – determine what personal needs the cyberstalking was fulfilling. Be careful to distinguish between intent (e.g. to exert power over the victim, to frighten the victim) and the personal needs that the cyberstalker’s behavior satisfied (e.g. to feel powerful, to retaliate against the victim for a perceived wrong). The aim of this stage is to understand the cyberstalker well enough to narrow the suspect pool revisit the prior steps and uncover additional evidence

Repeat - if the identity of the cyberstalker is still not known, interview the victim again. The information that investigators have gathered might help the victim recall additional details or might suggest a likely suspect to the victim

To assist investigators carry out each of these stages in an investigation, additional details are provided here.

Interviews

Investigators should interview the victim and other individuals with knowledge of the case to obtain details about the inception of the cyberstalking and the sorts of harassment the victim has been subjected to. In addition to collecting all of the evidence that the victim has of the cyberstalking, investigators should gather all of the details that are required to develop a thorough victimology as described in the next section.

While interviewing the victim, investigators should be sensitive to be as tactful as possible while questioning everything and assuming nothing. Keep in mind that victims tend to blame themselves, imagining that they encouraged the stalker in some way (e.g. by accepting initial advances or by making too much personal information available on the Internet) (Pathé 1997). It is therefore important for everyone involved in a cyberstalking investigation to help the victim regain confidence by acknowledging that the victim is not to blame. It is also crucial to help victims protect themselves from potential attacks. The National Center for Victims of Crime has an excellent set of guidelines developed specifically for victims of stalking.

Victimology

In addition to helping victims protect themselves against further harassment, investigators should try to determine how and why the offender selected a specific victim. To this end, investigators should determine whether the cyberstalker knew the victim, learned about the victim through a personal Web page, saw a Usenet message written by the victim, or noticed the victim in a chat room.

It is also useful to know why a victim made certain choices to help investigators make a risk assessment. For example, individuals who use the Internet to meet new people are at higher risk than individuals who make an effort to remain anonymous. In some instances, it might be quite evident why the cyberstalker chose a victim but if a cyberstalker chooses a low risk victim, investigators should try to determine which particular characteristics the victim possesses that might have attracted the cyberstalker’s attention (e.g. residence, work place, hobby, personal interest, demeanor). These characteristics can be quite revealing about a cyberstalker and can direct the investigator’s attention to certain areas or individuals.

Questions to ask at this stage include:

Does the victim know or suspect why, how, and/or when the cyberstalking began?

What Internet Service Provider(s) do(es) the victim use and why?

What online services does the victim use and why (e.g. Web, free e-mail services, Usenet, IRC)?

When does the victim use the Internet and the various Internet services (does the harassment occur at specific times suggesting that the cyberstalker has a schedule or is aware of the victim’s schedule)?

What does the victim do on the Internet and why?

Does the victim have personal Web pages or other personal information on the Internet (e.g. a Facebook profile, Twitter, Myspace or Bebo Web page, customized finger output)? What information do these items contain?

In addition to the victim’s Internet activities, investigators should examine the victim’s physical surroundings and real world activities.

When the identity of the cyberstalker is known or suspected, it might not seem necessary to develop a complete victimology. Although it is crucial to investigate suspects, this should not be done at the expense of all else. Time spent trying to understand the victim-offender relationship can help investigators understand the offender, protect the victim, locate additional evidence, and discover additional victims. Furthermore, there is always the chance that the suspect is innocent in which case investigators can use the victimology that they developed to find other likely suspects.

Risk Assessment

A key aspect of developing victimology is determining victim and offender risk. Generally, women are at greater risk than men of being cyberstalked and new Internet users are at greater risk than experienced Internet users. Individuals who frequent the equivalent of singles bars on the Internet are at greater risk than those who just use the Internet to search for information. A woman who puts her picture on a Web page with some biographical information, an address, and phone number is at high risk because cyberstalkers can fixate on the picture, obtain personal information about the woman from the Web page, and start harassing her over the phone or in person.

Bear in mind that victim risk is not an absolute thing – it depends on the circumstances. A careful individual who avoids high risk situations in the physical world might be less cautious on the Internet. For example, individuals who are not famous in the world at large might have celebrity status in a certain area of the Internet, putting them at high risk of being stalked by someone familiar with that area. Individual who are sexually reserved in the physical world might partake in extensive sexual role playing on the Internet, putting them at high risk of being cyberstalked.

If a cyberstalker selects a low risk victim, investigators should try to determine what attracted the offender to the victim. Also, investigators should determine what the offender was willing to risk when harassing the victim. Remember that offender risk is the risk as an offender perceives it – investigators should not try to interpret an offender’s behavior based on the risks they perceive. An offender will not necessarily be concerned by the risks that others perceive. For example, some cyberstalkers do not perceive apprehension as a great risk, only an inconvenience that would temporarily interfere with their ability to achieve their goal (to harass the victim) and will continue to harass their victims, even when they are under investigation.

Search

Investigators should perform a thorough search of the Internet using what is known about the victim and the offender and should examine personal computers, log files on servers, and all other available sources of digital evidence as described in this book. For example, when a cyberstalker uses e-mail to harass a victim, the messages should be collected and examined. Also, other e-mail that the victim has received should be examined to determine if the stalker sent forged messages to deceive the victim. Log files of the e-mails server that was used to send and receive the e-mail should be examined to confirm the events in question.

Log files sometimes reveal other things that the cyberstalker was doing (e.g. masquerading as the victim, harassing other victims) and can contain information that lead directly to the cyberstalker.

CASE EXAMPLE: Gary Steven Dellapenta became the first person to be convicted under the new section of California’s stalking law that specifically includes electronic communications. After being turned down by a woman named Randi Barber, Dellapenta retaliated by impersonating her on the Internet and claiming she fantasized about being raped.

Using nicknames such as “playfulkitty4U” and “kinkygal30,” Dellapenta placed online personal ads and sent messages saying such things as “I’m into the rape fantasy and gang-bang fantasy too.” He gave respondents Barber’s address and telephone number, directions to her home, details of her social plans and even advice on how to short-circuit her alarm system.

Barber became alarmed when men began leaving messages on her answer machine and turning up at her apartment. In an interview (Newsweek 1999), Barber recalled that one of the visitors left after she hid silently for a few minutes, but phoned her apartment later. “What do you want?” she pleaded. “Why are you doing this?” The man explained that he was responding to the sexy ad she had placed on the Internet.

“What ad? What did it say?” Barber asked. “Am I in big trouble?”

“Let me put it to you this way,” the caller said. “You could get raped.”

When Barber put a note on her door to discourage the men who were responding to the personal ads, Dellapenta putting new information on the Internet claiming that the note was just part of the fantasy.

In an effort to gather evidence against Dellapenta, Barber kept recordings of messages that were left on her machine and contacted each caller, asking for any information about the cyberstalker. Two men cooperated with her request for help, but it was ultimately her father who gathered the evidence that was necessary to identify Dellapenta.

Barber’s father helped to uncover Dellapenta’s identity by posing as an ad respondent and turning the e-mails he received over to investigators.

Investigators traced the e-mails from the Web sites at which they were posted to the servers used to access the sites. Search warrants compelled the Internet companies to identify the user. All the paths led police back to Dellapenta. “When you go on the Internet, you leave fingerprints – we can tell exactly where you’ve been,” says sheriff’s investigator Mike Gurzi, who would eventually verify that all the e-mails originated from Dellapenta’s computer after studying his hard drive. The alleged stalker’s M.O. was tellingly simple: police say he opened up a number of free Internet e-mail accounts pretending to be the victim, posted the crude ads under a salacious log-on name and started e-mailing the men who responded. (Newsweek 1999)

Dellapenta admitted to authorities that he had an “inner rage” against Barber and pleaded guilty to one count of stalking and three counts of solicitation of sexual assault.

When searching for evidence of cyberstalking it is useful to distinguish between the offender’s harassing behaviors and surreptitious monitoring behaviours. A victim is usually only aware of the harassment component of cyberstalking. However, cyberstalkers often engage in additional activities that the victim is not aware of. Therefore, investigators should not limit their search to the evidence of harassment that the victim is already aware of but should look for evidence of both harassment and surreptitious monitoring.

If the victim frequented certain areas, investigators should comb those areas for information and should attempt to see them from the cyberstalker’s perspective. Could the cyberstalker have monitored the victim’s activities in those areas? If so, would this monitoring have generated any digital evidence and would Locard’s exchange principle take effect? For example, if the victim maintains a Web page, the cyberstalker might have monitored its development in which case the Web server log would contain the cyberstalker’s IP address (with associated times) and the cyberstalker’s personal computer would indicate that the page had been viewed (and when it was viewed). If the cyberstalker monitored the victim in IRC, he might have kept log files of the chat sessions. If the cyberstalker broke into the victim’s e-mail account the log files on the e-mail server should reflect this.

Keep in mind that the evidence search and seizure stage of an investigation forms the foundation of the case – incomplete searches and poorly collected digital evidence will result in a weak case. It is therefore crucial to apply the Forensic Science concepts presented in this book diligently. Investigators should collect, document, and preserve digital evidence in a way that will facilitate the reconstruction and prosecution processes. Also investigators should become intimately familiar with available digital evidence, looking for class and individual characteristics in an effort to maximize its potential.

Crime Scene Characteristics

When investigating cyberstalking, investigators might not be able to define the primary crime scene clearly because digital evidence is often spread all over the Internet. However, the same principle of behavioral evidence analysis applies – aspects of a cyberstalker’s behavior can be determined from choices and decisions that a cyberstalker made and the evidence that was left behind, destroyed, or taken away. Therefore, investigators should thoroughly examine the point of contact and cybertrails (e.g. the Web, Usenet, personal computers) for digital evidence that exposes the offender’s behavior.

To begin with, investigators should ask themselves why a particular cyberstalker used the Internet – what need did this fulfill? Was the cyberstalker using the Internet to obtain victims, to remain anonymous, or both? Investigators should also ask why a cyberstalker used particular areas of the Internet – what affordances did the Internet provide? MO and signature behaviors can usually be discerned from the way a cyberstalker approaches and harasses victims on the Internet.

How cyberstalkers use the Internet can say a lot about their skill level, goals, and motivations. Using IRC rather than e-mail to harass victims suggests a higher skill level and a desire to gain instantaneous access to the victim while remaining anonymous. The choice of technology will also determine what digital evidence is available. Unless a victim keeps a log, harassment on IRC leaves very little evidence whereas harassing e-mail messages are enduring and can be used to track down the sender.

Additionally, investigators can learn a great deal about offenders’ needs and choices by carefully examining their words, actions, and reactions. Increases and decreases in intensity in reaction to unexpected occurrences are particularly revealing. For example, when a cyberstalker’s primary mode of contact with a victim is blocked the cyberstalker might be discouraged, unperturbed, or aggravated. How the cyberstalkers choose to react to setbacks indicates how determined they are to harass a specific victim and what they hope to achieve through the harassment. Also, a cyberstalker’s intelligence, skill level, and identity can be revealed when he modifies his behaviour and use of technology to overcome obstacles.

Motivation

There have been a number of attempts to categorize stalking behavior and develop specialized typologies (Meloy 1998). However, these typologies were not developed with investigations in mind and are primarily used by clinicians to diagnose mental illnesses and administer appropriate treatments.

When investigating cyberstalking, the motivational typologies can be used as a sounding board to gain a greater understanding of stalkers’ motivations. Also, as described earlier in this chapter, some stalkers pick their victims opportunistically and get satisfaction by intimidating them, fitting into the power assertive typology.

Other stalkers are driven by a need to retaliate against their victims for perceived wrongs, exhibiting many of the behaviours described in the anger retaliatory typology. For instance, Dellapenta, the Californian cyberstalker who went to great lengths to terrify Randi Barber, stated that he has an “inner rage” directed at Barber that he could not control. Dellapenta’s behavior confirms this statement, indicating that he was retaliating against Barber for a perceived wrong. His messages were degrading and were designed to bring harm to Barber. Furthermore, Dellapenta tried to arrange for other people to harm Barber, indicating that he did feel the need to hurt her himself. Although it is possible that Dellapenta felt some desire to assert power over Barber, his behavior indicates that he was primarily driven by a desire to bring harm to her.

Summary

Cyberstalking is not different from regular stalking – the Internet is just another tool that facilitates the act of stalking. In fact, many cyberstalkers also use the telephone and their physical presence to achieve their goals. Stalkers use the Internet to acquire victims, gather information, monitor victims, hide their identities, and avoid capture. Although cyberstalkers can become quite adept at using the Internet, investigators with a solid understanding of the Internet and a strong investigative methodology will usually be able to discover the identity of a cyberstalker.

With regard to a strong investigative methodology, investigators should get into the habit of following the steps described in the chapter (interviewing victims, developing victimology, searching for additional evidence, analysing crime scenes, and understanding motivation).

The type of digital evidence that is available in a cyberstalking case depends on the technologies that the stalker uses. However, a cyberstalker’s personal computer usually contains most of the digital evidence, including messages sent to the victim, information gathered about the victim, and even information about other victims.

It is difficult to make accurate generalizations about cyberstalkers because a wide variety of circumstances can lead to cyberstalking. A love interest turned sour can result in obsessive and retaliatory behaviour. An individual’s desire for power can drive him to select and harass vulnerable victims opportunistically. The list goes on, and any attempt to generalize or categorize necessarily excludes some of the complexity and nuances of the problem. Therefore, investigators who hope to address this problem thoroughly should be wary of generalisations and categorizations, only using them to understand available evidence further.