Fembots land Ashley Madison in hot water with the FTC

Graham Cluley

Fembots land Ashley Madison in hot water with the FTC

Fembots land Ashley Madison in hot water with the FTC

“Life is short, have an affair” was the slogan of infidelity website Ashley Madison, which was famously hacked in 2015.

What they didn’t say was that you might be having a strictly online affair with a fake female profile, designed to trick you into entering your credit card details, under the misapprehension that you were chatting with a real woman rather than an algorithm.

Now Reuters reports that Ashley Madison’s parent company Avid is being investigated by the US Federal Trade Commission (FTC) after class action law suits were filed in the United States and Canada on behalf of customers whose details were exposed following the hack, and amid allegations that fake female profiles were used by the site to manipulate users:

An Ernst & Young report commissioned by Avid and shared with Reuters confirmed that Avid used computer programs, dubbed fembots, that impersonated real women, striking up conversations with paying male customers.

Avid shut down the fake profiles in the United States, Canada and Australia in 2014, and by late 2015 in the rest of the world, but some U.S. users had message exchanges with foreign fembots until late in 2015, according to the report.

Ashley Madison had been planning to IPO before it was royally hacked. You have to imagine that it would have found itself in even hotter water if it had successfully floated on the stock market only to have it later revealed that it had been less than transparent with investors about its true (human) membership numbers.

The controversial dating site is under new management following the departure of CEO Noel Biderman (who has since been busy trying to clean the internet of references to his past with Ashley Madison), and the site has a brand new look which de-emphasises having an affair and claims it “is about so much more than infidelity.”

Ashley madison new site

New bosses Rob Segal and James Millership tell Reuters that the firm is spending millions on security and privacy improvements.

But that, of course, is going to be little comfort for those have already been burnt by Ashley Madison – having had their personal information exposed, and in some cases found themselves on the receiving end of blackmail letters or even driven to suicide.

The greatest irony of all is that some men have had their lives ruined and privacy invaded, when their chances of having an affair were close to zero, because they were speaking to a computer program rather than a flirting female.

Further reading:
Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

58 Replies to “Fembots land Ashley Madison in hot water with the FTC”

  1. These sites have been running rampant for years as the FCC has been more concerned with trying to shut down and monitor conservatives on the web than actually doing their job.

    1. Of course there's also the probability that the FCC runs some of these sites to build up blackmail databases.

  2. I support the death penalty for hacking and for online fraud, over $6 million, th value of a human life. We should pass legislation allowing trials in absentia. The death sentences may be carried out around the world with drones. The government should be immunized for all collateral damage to family members of the hackers and major fraud people.

    1. How about life in prison for C.E.O.'s that cost consumers 100 million or more in losses?

      1. You are a special kind of supporter of criminals, aren't you? Why would anyone protect a criminal? That one is easy. The criminal generates worthless government make work jobs for members of the left. So, by protecting criminals, they are protecting jobs, at the expense of victims.

        You need to disclose the fraction of your income or that of your employer coming from government.

        1. Hypocrite. Calling someone a supporter of crime (with no evidence either[1]) when you're in favour and full support using drones to carry out executions in other nations…

          [1] Your blessed country also outlaws libel and slander. So you're hypocritical there too.

          1. Actually a human life is worth a lot less on terms of insurance coverages. The gling rate for a lost life with education and kids younger than college is 2 Million

    2. 'over $6 million, th [sic] value of a human life.'

      Was this a typo ? Did you really just suggest a human life is only $6m USD? In any case, to the Americans that whine about the world seeing the US a world police, maybe you should look at David Behar. Death sentences across the world via drones? The suggestion is extremely disgusting even for humans. 'The government' itself is also scary. You know it has almost happened before and the US acts like it in many respects. You talk about criminals whilst simultaneously supporting something that is against international law – unless of course the US is the judge (but of course it's also the executioner). It also is unethical, hypocritical and absolutely disgusting. No trial? Kangaroo court? What's the difference in the end? Just murder people across the world for supposedly breaking into computer networks (which for all you know might not be legally questionable in their location). While you're at it murder people across the world for breaking national laws (the fact you're breaking international laws in the process doesn't matter because it's the USA!). Let's just simplify it: murder people across the world for existing. Drones are for cowards and your suggestion is extreme cowardice.

      On the subject of drones… I suppose you're also of the mind that the many hospitals that have been hit by drone strikes and all the many civilians who were killed are insignificant and just part of war. Did you ever hear of the law of war? Did it ever occur to you that the US isn't at war with the world – at least not technically?

      You're no better than paramilitaries who have gone beyond their (usually) legitimate purpose (i.e. they turn into thugs); in fact you're worse since you are okay with it from afar. Bloody coward.

      1. I think he's referring to old OSI data from the seventies, under Director Oscar Goldman, where they estimated the value of a man at six million dollars. HOWEVER< in that event, they actually only replaced one arm, two legs, and an eye, so the actual value would be higher, especially when you adjust for inflation.

      2. The $6 million is an overestimate from the Environmental Protection Agency. They used the market valuation method rather than my preferred method, the lifetime earnings. If one uses lifetime earnings, the value of life is more like $3 million, the value placed on it by buyers of services. What the EPA did was to ask, working in a restaurant requires about the same skill as working on an oil rig. The latter is more dangerous. What premium are workers requiring to do the same level of skilled work, but with more risk. They came up with the value of life of around $6million. What is the value of a hacker in some foreign land that has generated a $100 million cost for a company to remedy a breach of their customer records? Is it infinite?

        When you destroy that $6 million, you have murdered an economic person, i.e. the value of a person to the rest of us. Life has infinite value to the person, and to those that love the person. However, an infinite value is excessive in a policy discussion.

        Much of the hacking has state sponsorship, funding, and encouragement. If a nation lobbed mortar rounds over your border, you have every right under international law to send in an air strike over the border to attack it. This basic normative value is codified for states in the UN Charter Article 51. Article 51 is an exception to the Charter’s general prohibition on the use of force found in Article 2(4).

        If a state extradites a hacker for an in person public trial, it is better because it will deter others more. Upon a guilty verdict, the execution should be on the spot, again, to deter.

        As to cowardice or bravery, we are discussing what will work to decrease the amount of hacking now taking place.

  3. I'm still getting blackmailing e-mails. Fortunately, the first one let me know which credit card to cancel.
    And, unless you're a dolt, the 'bots' are easy enough to avoid.
    But as far as adult sites go, AM is better because you use your credits one at a time, rather than having to pay for every time segment (1 month, 6 months, 1 year, etc). I like that, as one can go dormant (for whatever reason) and re-start later with the same amount of credits you had before.

      1. Why do you care what he spends his money on? He doesn't tell you to kill yourself for gorging on poptarts, greasy Bar-B-Que and cheap beer

      2. Graham, you know I know you're trying to keep this as open as possible but I would ask you to think on this one. I would never hurt anyone except in self defence (or protecting others) and lack of ethics and morals is something I find inexcusable (and clearly hurting someone you supposedly love is an extreme example). But telling someone to kill themselves no matter the circumstances is also inexcusable and absolutely unethical.

        I leave the judgement up to you in the end, of course, but with my history of mental illness I find that comment extremely disturbing (and I would say that anyone who has suffered from mental illness would also agree – and some who haven't suffered would also agree). And what many might not understand is maybe someone is going through a very rough time and they need help rather than condemnation (and we all have good and bad in us). Suicide is a complex thing just like life in general and it is a combination of things which push someone to end their life.

        I'm not talking about Lance even; telling someone to commit suicide is always a very serious problem and that is what I am getting at.

  4. No shame or remorse! Doesn't matter whether or not they were talking to bots, they were CHEATING! There's the main theme! Deceiving and being deceived! What a vile and perverse generation!!

    1. How do they differ from government in the US today?

      Or most corporate policies, for that matter?

    2. Whoa, baby. I'm unmarried. 'Life is short – have an affair' is simply their hook. There are thousands of single men & women on there.

      1. Personally I'm baffled why anyone would still be using Ashley Madison rather than any of the many many other dating sites available online.

        And no, I don't believe AM when they say they have over 46 million members…

      1. I like to think that the Westboro Baptist Church has its own dating website where members can find like-minded souls.

        In fact, that probably *is* the case. Dangerous thing in-breeding…

    3. Actually, not everyone whose details were leaked by the Ashley Madison hack was cheating.

      See here for an example: https://www.grahamcluley.com/author/anonymous/

      Furthermore, there were – no doubt – single people using the site, and folks who might be in an open relationship etc etc.

      We shouldn't be too quick to judge.

  5. How many people have "had their lives ruined and privacy invaded' for even less, thanks to the IT security failures of not only business, but government as well? At least with AM, SOME of the possibilities of dalliance were real.

    1. Although in the case of Ashley Madison people did have their private details exposed even if they didn't cheat.

      Simple curiousity could have resulted in them becoming victims of the Ashley Madison hack, and the subsequent blackmail attempts.

      It's easy to imagine how some may have briefly been a member of the site years before they entered a steady relationship, only to have it haunt them later on because of Ashley Madison's sloppy security and data practices.

  6. No equal justice under the law exists in America; if you are a corporation or have lots of money you are above the law.

    Americans need to start rioting and tear this government apart.

    Enough with the modern Wall Street fraud business model.

  7. if you cannot tell the difference between live and virtual woman then you deserve what you get.

    1. Real women are often much worse or insufferable so I agree. Marry a whale and cheat with fembots. Seems logical.

  8. Maybe it's just me, but I have trouble feeling any sympathy for some asshole who was deliberately out to f*** around on his wife that got caught in some kind of scam. Serves you right. Either stay at home where you belong or get a divorce.

  9. We will find out a lot of these sites are doing this type of thing, and not just for this type of situation, but sites that offer home improvements, any type of professional services for weddings and parties, all types of things where a professional pays to submit bids to computer generated customers in the hopes of winning business. Only to find out when they never receive a response, their money was wasted giving bids or quotes to computer generated people who do not exist.

    1. Likely 75-85% of adult dating sites are like that. Or they pay people to send e-mails, you sign up, then find it's some BS. Yes, it's all too common.

  10. My question is what type of dumb@ss believes that there are all these women desperately looking for hookups online, given that any female who doesn't look totally repulsive can hang out in a bar and pick or choose among the guys hanging around her hoping to hook up?

  11. (((Biderman))) … creates a company that operates on fraud, now wants his past hidden. So typical.

  12. So you use a site that's Based on Lying and expect it to be legally bound to telling you the customer the truth hahaha. I'm glad that the people using Ashlee Madison lives got ruined, it's a good thing, they make it impossible for honest people to trust anyone. The users of this site Names should be all listed on a website, with their addresses, so everyone can know who's a complete degenerate. hahaha Losers were talking to A.I Bots.

    1. Yeah, except the fact that they didn't verify emails. Besides, as one woman (at least) said the fact her husband confessed was enough for her. I don't agree with being unfaithful to someone you supposedly love but even in cases where the law says otherwise it really shouldn't be your business which means you should let them solve their own problems. That is, of course, IF there is a problem at all.

  13. If there is money involved with human interaction and there is an angle that can be shot, it will be shot. This much I know.

  14. AM needs to do what Gawker did. Close up shop and leave with the grains of dignity it has left. As for the clientele, sucks that the ones that got caught with the hands in the cookie jar got repercussions for wanting to fool around on their spouses like a coward.

    IF YOU ARE NOT HAPPY IN YOUR MARRIAGE BE A BIG BOY/GIRL AND END IT. FOR YOURSELF AND THE SPOUSE, GIVE THEM A CHANCE TO FIND SOMEONE WHO WILL ACTUALLY APPRECIATE THEM AND NOT WASTE THEIR LIVES ON A LIE!

  15. here is the logic algorithm. Put up and tune out the "I just havent lost my baby fat although junior is 18, hire a hooker, or get a blowup doll.the last 2 are far cheaper, perform better, and little complaint

  16. These stories are like stories about gangbangers whacking each other in Chicago. You have to join the gang, and that ain't nobody's fault but your own dumb ass.

  17. Ashley Madison has created this image of its user as a playboy catting around behind his wife or girlfriend's wife.

    Now that they have been exposed as a complete fraud, yet remain in operation, I'm inclined to believe their user base is nothing more than a bunch of losers that are the type that name their blow-up doll.

  18. Any man who's ever dabbled in the online dating world of ant sort, and who is smart, knows damn well that "fembots" are above and beyond the norm.

    Seriously, as an example, go and peruse the rating-comments for Tinder in the Apple App Store. A large chunk of them are from men, complaining of the overwhelming amount of obviously fake profiles.

  19. Why would anyone pay to get "catfished" on a site like A.M., when they can get the same treatment for free on C.L., or any number of dating sites, or even F.B.? Heck, for that matter, if you're going to spend dough on online fantasy why not just put up the earnest money for that dude that sent you an email from the lottery commission from the Prince of the Zanzabarian Congo of Gusavia?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET EMAIL UPDATES