Automated bots bombard EU referendum petition with fake signatures

Graham Cluley

Cluley 250 thumb

BBC News reports:

An online petition calling for a second EU referendum has been hijacked by automated bots adding false signatures.

Posts on the 4chan message board indicated that some users had scripted programs to automatically sign the petition.

Thousands of signatures appeared to have come from people in Vatican City and Antarctica.

The House of Commons petitions committee said it had removed 77,000 signatures and was investigating.

The problem is that the UK government petitions site isn’t doing enough to weed out fake participants.

Every time you sign a petition on the site, you are asked for an email address and have to click on a link in a message sent to that email address to prove you are a “real” human rather than an automated script.

Of course, it doesn’t take a huge amount of effort to write an automated script that gives the petition site a throwaway email address and then – seconds later – automatically “click” on the link sent to that address.

The site may wish to invest in some better CAPTCHA technology to make it a little more difficult for the mischief-makers of 4Chan to flood the petition with bogus signatures.

Of course, 77,000 bogus signatures is a tiny proportion of the 3.7 million who have so far signed that particular petition.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

3 Replies to “Automated bots bombard EU referendum petition with fake signatures”

  1. Far worse than that is the security that the government is looking to use to verify people for government transactions – gov.uk verify. see – http://wp.me/p3U0tf-77

  2. 3.7 million petition signatures. Let's do the maths. 52% of 33.4 million people who voted, said leave the EU. That's 17.4 million people who probably would never sign that petition. That leaves 16 million "remainers". So, less than a quarter of people who voted remain, signed that petition. Despite the volumes involved, that petition is worth diddly squat!

  3. It breaks the "too wow to be true" rule that 2.5m signatures came in 3 days
    I would expect that many more are fake than the 77,000
    ..strange that journalists just accept numbers without proper challenging.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET EMAIL UPDATES