Last week, New York City Mayor Bill de Blasio warned residents of a widespread Twitter and text-message circulated misinformation campaign falsely claiming that Manhattan was under quarantine.

Around this time, Attorney General Barr and U.S. Attorneys from various states were also  warning residents of spear phishing emails, fake websites, local phone area code or neighbor- spoofing calls, and text messages making all manner of fake claims. Some of them were offering free COVID-19 tracking apps only to inject malware; others were spoofing websites such as Johns Hopkins University’ website and providing false information; some others were emailing, calling, and texting residents offering free iPhones, groceries, treatments, cures—and whatever else—preying on our collective anxieties during this pandemic.

And this wasn’t just happening in the US. Similar attacks being reported in Australia and the European Union.

There is actually a common thread that connects all these attacks. They are all part of what I call the Internet’s Dark Triad: hacking, misinformation, and trolling– three types of attacks that usually feed off each other and, when working in concert, are especially potent.           

We saw the triad at work together during our last presidential election when the Russians hacked into the DNC, used the stolen data to seed misinformation websites, and organized a trolling campaign to reframe, retweet, and relentlessly disseminate the information throughout the US.

While it is easy to think of each of these types in isolation, thinking of them as parts of a whole makes it easier to appreciate their impact–and more importantly, deal with them.

For one, the triad feeds on fake profiles on social media, neighbor phone numbers, and email addresses. For instance, in Erie County, NY, someone impersonated a local TV station and tweeted fake news about the virus. Such attacks are very easy to foment, given the easy access everyone has to social media and VoIP services.

We have left the responsibility of curating content and profiles to individual media organizations, almost all of who have resorted to internal processes. Their process involves some automation but, given the nuanced and equivocal nature of content, they largely rely on human curators, who they have employed by the thousands.

But even during normal circumstances, as in the days before the pandemic reached our shores, the process was found lacking. Now, many content curators are at home and most aren’t even allowed to do their work because of the offensive, sensitive, and graphic nature of content they deal with. This means at the time when social media matters the most for users, its content is most vulnerable to misuse.

Instead of leaving this problem in the hands of individual social media organizations who are all creating organizational silos of vital information, we need these organizations to come together and coordinate their efforts. Media organizations should create a centralized data repository in which they pool their profile and content data. This database should be accessible to researchers and other media organizations, especially the regional and local media house that don’t have the depth in technical skills or manpower to keep a track of ongoing attacks. Having a centralized repository of profiles and phones being spoofed would allow us to identify attacks before they become widespread and to inform local agencies and residents.

Two, in his press release, Attorney General Barr asked Americans to report COVID-19 related cyber-attacks to the National Center for Disaster Fraud (by calling 1-866-720-5721 or by e-mailing But there are already several other federal and local agencies collecting similar reports. This includes the FTC and the purpose-built reporting portal of the FBI’s IC3, among many others.

Having users report on various portals needlessly duplicates efforts, not to mention wastes resources and confuses users. These efforts also need to be unified. Just as social media profiles and phone numbers are reused, so are spear phishing email accounts, their persuasive ploys, and the malware they carry. Centrally collecting reports and developing a consumer-focused information portal allows us to track attacks, identify the ones that are most virulent, and provide support to users—all of who are working from home networks, without the benefit of professional IT support.

Finally, at a time of anxiety, people turn to others for information and social support. It is, therefore, our responsibility to ensure that we don’t forward along false information—and give the oxygen necessary for the Dark Triad to function. It is important that we become vigilant about the information we encounter on our media feeds. We need to check the sources of information we receive, search online for other corroborating information, report malicious activity we encounter, and become responsible content curators for others in our sphere of influence.

We will, with our collective efforts, overcome this virus. For now, it’s our individual responsibility to ensure that neither the virus nor the Dark Triad succeeds.






*A version of this post appeared here: