Nov 21, 2019

Influencer marketing comes to cybersecurity

Illustration: Aïda Amer/Axios

The cybersecurity community is reckoning with influencer culture for the first time after several popular figures ran paid advertisements on their social media accounts.

The big picture: For years, the world of cybersecurity experts has operated more like a scientific community than a commercial one — and, until very recently, more like a counterculture than a service. The paid posts provided a glimpse of a corporate sponsor-driven future for security specialists surprised to find out that corporations knew who they were.

Driving the news: Several follower-rich cybersecurity Twitter accounts ran individualized promotions for Lenovo's secure line of products and security services, ThinkShield (all tagged "#ad #thinkshield"), sparking immediate pushback from the wider community.

  • The influencer marketer VizSense, not Lenovo, reached out to influencers. It's not clear how much Lenovo was aware of the plan.
  • The influencers who were contacted included a reporter, well-known researchers, a former intelligence operative, executives, a financial tech expert, an AI guru and others. All had more than 10,000 Twitter followers.
  • No one who ran the ads has confirmed being part of this campaign; however, several Twitter personalities posted using those hashtags.
  • VizSense, Lenovo and seven people who appear to have run Lenovo ads related to this campaign — one of whom ran ads in multiple languages — did not respond for requests for comment.

The campaign prompted immediate criticism online, with several security luminaries seeking out and posting screenshots of paid posts.

Between the lines: On Instagram, YouTube and other platforms, influencers with large followers routinely take cash to promote products, often in the fashion industry or entertainment. But this appears to be the first time personality-driven advertisements have been used in cybersecurity.

Several of the influencers who turned down the ads told Codebook that companies could use established, less-controversial methods if they wanted researchers to help increase awareness of security products and initiatives.

  • Researchers are often paid to conduct third-party evaluations of products. They can be brought in to assist in relevant research projects or speak at branded events and webcasts on research topics.
  • "There's nothing wrong with compensated reviews," said Chris Wysopal, co-founder and CTO of Veracode, who noted that VizSense couched an offer to him in terms of paid evaluations of Lenovo wares. "But it didn't look like the tweets people put out were reviews."
  • Wysopal and Jake Williams of Rendition Infosec, who both declined VizSense's offer, noted that they were asked to review Lenovo's ThinkShield based on an information sheet, not a product. Neither felt like they could have evaluated a full product in the time frame VizSense offered.

Zack Whittaker, the security editor for TechCrunch, told Codebook that VizSense approached him over LinkedIn — implying they were at least somewhat aware of his role as a journalist.

  • "It's particularly unethical for a company to actively approach journalists, of all people — ergo, to ask them to violate their ethics — to promote something in exchange for payment," he said, via electronic message.

The irony, said Wysopal, is that the backlash might obscure real progress Lenovo has made since the Superfish incident.

  • "There's a lot of good to ThinkShield, according to what they sent me," he said, pointing to supply chain protections that could fight future Superfish-style problems. "They didn't need to go with this approach."

Go deeper

Political ads are tricky to define in digital era

Illustration: Aïda Amer/Axios

Political ads have become a flashpoint ahead of the 2020 election, in part because new technologies make it nearly impossible to apply a universal definition of them to all advertising channels.

Why it matters: Without a commonly accepted definition of what a political ad is, efforts to regulate them have been challenging. Experts worry that without smart regulation of political ads, free speech — a tenet of democracy — can be gamed.

Go deeperArrowNov 23, 2019

Fake 5-star reviews proliferate online

Packages are scanned to be loaded onto delivery trucks at the Amazon fulfillment center in Robbinsville Township, N.J. Photo: Julio Cortez/AP

Fakespot Inc., which finds fraudulent reviews, found more than a third of online reviews on major sites are generated by robots or people paid to write them, The Wall Street Journal reports.

Why it matters: "The likelihood that consumers who read reviews will buy a product can triple based on the number of reviews it has," based on 2016 research cited by the N.Y. Times' Sapna Maheshwari.

Go deeperArrowNov 29, 2019

Rivals distance themselves from Facebook on political ads

Illustration: Lazaro Gamio / Axios

Google, Facebook, Twitter and Snapchat all made new announcements this week adjusting their political ad policies, placing themselves on a broad spectrum from anything goes to a near-total ban.

Why it matters: Many social media companies are using the ongoing political ad debate to distance themselves from Facebook, which has received the most criticism for its policies. Facebook's rules are the least restrictive amongst the group, because the tech giant believes that the government should regulate political ads, not private companies.

Go deeperArrowNov 21, 2019