Hundreds of British businesses have been targeted by a Wikipedia extortion racket
This fact has been emphasised this week after The Wikimedia Foundation, the online encyclopedia's parent body, announced it had banned hundreds of accounts apparently engaged in an extensive "shakedown" targeting hundreds of British businesses and individuals.
Insurance providers, theatre companies, photographers, and jewellers are among those targeted by the scheme, according to an investigation by Wikipedia editors.
Here's how it worked:
- First, the business or individual tried to set up their own Wikipedia page, which was then declined, "usually because of notability concerns or excessively promotional content."
- This drew the attention of the scammers, who, using a "sock puppet" account to avoid detection, would then rewrite it.
- They would then reach out to the original subject and offer to publish - for a fee. According to the community announcement, "the person making the contact would usually claim to be an experienced editor or administrator."
- Upon payment, the article is set live and often reviewed by another sock puppet.
- The scammer then gets back in touch and demands payment in return for protecting the article from vandalism/deletion. The scammer charges around $30 (£20)/month.
The rules around paid editing, and editing material related to you, is murky. It's not always banned - if it's carefully disclosed, it can be acceptable. But in these instances, the subjects' pages had already been deleted once, typically because they seemed overly promotional (it's this deletion that initially draws the scammers' attention).
In the announcement, Wikipedia volunteer editor Risker urges other editors "to be kind to the article subjects," because "they too are victims in this situation." All the articles implicated in the scam have been deleted, Risker says "in order to prevent article subjects from continued shakedowns by bad actors who are causing significant harm to the reputation of this project."
The scam is being referred to within the Wikipedia community as "Orangemoody," named after the first sock puppet account identified. Who's behind it? At this point it's not clear. But in a blog post, Wikimedia Foundation employees Ed Erhart and Juliet Barbara say that "the edits made by the sockpuppets are similar enough that the community believes they were perpetrated by one coordinated group."
With 381 accounts banned and 210 articles deleted, that means this isn't a few opportunists acting independently. This is a sophisticated racket bringing in (if all 210 victims were being charged $30/month) $6,000 (£3,900) per month. Wikipedian James Alexander made a diagram showing the relationship between the various accounts. Green bubbles are accounts, while yellow bubbles are IP addresses.
