Automated bots bombard EU referendum petition with fake signatures

BBC News reports:

An online petition calling for a second EU referendum has been hijacked by automated bots adding false signatures.

Posts on the 4chan message board indicated that some users had scripted programs to automatically sign the petition.

Thousands of signatures appeared to have come from people in Vatican City and Antarctica.

The House of Commons petitions committee said it had removed 77,000 signatures and was investigating.

The problem is that the UK government petitions site isn't doing enough to weed out fake participants.

Every time you sign a petition on the site, you are asked for an email address and have to click on a link in a message sent to that email address to prove you are a "real" human rather than an automated script.

Of course, it doesn't take a huge amount of effort to write an automated script that gives the petition site a throwaway email address and then - seconds later - automatically "click" on the link sent to that address.

The site may wish to invest in some better CAPTCHA technology to make it a little more difficult for the mischief-makers of 4Chan to flood the petition with bogus signatures.

Of course, 77,000 bogus signatures is a tiny proportion of the 3.7 million who have so far signed that particular petition.

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

3 Responses

  1. John Lewis

    June 28, 2016 at 10:22 am #

    Far worse than that is the security that the government is looking to use to verify people for government transactions – gov.uk verify. see – http://wp.me/p3U0tf-77

  2. graphicequaliser

    June 28, 2016 at 10:28 am #

    3.7 million petition signatures. Let's do the maths. 52% of 33.4 million people who voted, said leave the EU. That's 17.4 million people who probably would never sign that petition. That leaves 16 million "remainers". So, less than a quarter of people who voted remain, signed that petition. Despite the volumes involved, that petition is worth diddly squat!

  3. stewgreen

    July 2, 2016 at 7:29 pm #

    It breaks the "too wow to be true" rule that 2.5m signatures came in 3 days
    I would expect that many more are fake than the 77,000
    ..strange that journalists just accept numbers without proper challenging.

Leave a Reply