Doxxing People With Honeypot Websites

An interesting story by The Daily Beast reports about how a group opposed to far-right Trump supporters used a fake, honeypot-style website to collect their names and then doxx them.

On August 18, Trump supporters will host the “National March Against Far-Left Violence” in several cities, organized by a pair of frequent attendees at far-right rallies. Expected participants include members of anti-Muslim group the Proud Boys and people involved in the pro-Trump troll group Patriot Prayer, which has attracted white supremacists. In early July, when march leaders were planning their event, an apparent ally set up a website where marchers could pre-order anti-anti-fascist t-shirts. But the website appears to have been a trap by antifa, who turned around and published the names and addresses they’d collected from the website.

. . .

An anonymous person registered a website for the National March Against Far-Left Violence in early July, web registry records show. An early version of the site encouraged fans to subscribe to its mailing list or pre-order t-shirts, which showed an anti-fascist symbol being damaged by the American flag. The site didn’t ask for payment, just an address “so we can calculate shippings costs.”

. . .

That didn’t stop approximately three dozen people who allegedly signed up for the mailing list or tried to reserve anti-antifa shirts. This week, days before the march, the site started publishing those people’s names, and sometimes their addresses.

This is clever and I have to give props to the Antifa, but this is a tactic that I presume will not be amusing when it inevitably gets used for much wider purposes.

For example, I could imagine a far-right anti-immigrant group setting up a similar website to try to trick supporters of sanctuary cities, and then turn over information to ICE any of the folks who they suspect are illegal immigrants.

The Daily Beast does not that the National March focus claim to have contacted the some sort of unnamed “authorities” to report this as a potential crime.

“The authorities have been notified and are extremely interested because it appears that interstate fraud has been committed,” the page wrote. “The Antifa infiltrators made a big mistake by attempting to take phony t-shirt orders because now they are engaged in an actual crime.”

I’m assuming that even if the mysterious “authorities” were contacted, however, that at least in this case investigating this sort of computer fraud is not high on the priority list for any law enforcement agency.

Post Revisions:

Leave a Reply