On April 27, NxtGen, a nonprofit organisation under the Pulchowk Engineering Campus, hosted a webinar on Covid-19 preparedness for students. During the event, the organisers noticed some audience members from fake email addresses violating cybersecurity laws, which left the audience and the speakers tense.
The organisers think their purpose of joining the webinar was disturbing In other words, they were ‘spammers’.
“I felt disgusted; I could not listen to the things they were saying to a teacher and guests. So, for a moment I exited the webinar,” Shishir Panta, one of the attendees of that webinar narrates his experience of the webinar.
With the lockdown imposed to control the coronavirus outbreak in the country extended time and again, many organisations have resorted to webinars and online meetings to discuss various issues. However, many of them have reported attacks from spammers.
What do they do?
Webinars are in trend nowadays; so are the webinar spamming and spammers. As webinars and online discussions, classes and meetings have been the only possible medium to communicate between the organisations and people amid the lockdown, these webinars have been constantly disturbed by the spammers who anonymously participate in those webinars with the sole motive of disturbing the session.
Panta explains his experience of encountering a spammer, “Initially, the webinar was going quite well until a few fellows barged in and made a mess of the situation. They started talking dirty things repeatedly, interrupting and humiliating the speakers and organisers.”
When he re-entered the session, he briefs that the whole scenario was disgusting and pathetic. It was not until the organisers blocked those people, webinar resumed with its flows.
NxtGen’s president Jay Kishan Panjiyar claims, “As, our event was the first victim of these spammers in Nepal, we were completely unaware about the webinar spamming and spammers earlier.”
But, NxtGen is not only the sole victim of such happenings. There are many who fall prey to such incidents. Girls in Tech-Nepal also faced a similar situation, in which the spammers muted the host, libeled and similar spamming activity like muting the host and moderator while they are speaking, slandering and defaming them. Some of them played songs in between, spoke foul words time and again. Similarly, Robotics Association of Nepal (RAN) also faced similar occurrences in a virtual panel discussion hosted on April 27 by its Miss Tech wing.
How do spammers get into the webinars?
Panjiyar describes, “We hosted the webinar using Google Meet as it has the capacity of 250 people. It is designed in such a way that a link has to be shared to invite the attendees to the event. We shared that link on our Facebook page and in our networks. We shared the link publicly thinking it would benefit every student. But, it let the spammers enter the webinar.”
Likewise, Astha Sharma, Volunteer Managing Director at Girls in Tech-Nepal, narrates her experience of how the intruders get into their webinar session, “First of all, we publish the Google forms for registration of the interested participants for our webinar. Then, we mail those who have filled up that form and registered for the session a link of the webinar mentioning all the required details. Though we don’t make public that link, anyone having that link can attend the session as well as can share with others.”
Sharma suspects there are some organised groups of spammers who are looking for some opportunities to disturb. Some of them might appear genuine at first and register duly, completing all the requirements, but change into spammers later.
A cybersecurity analyst at THREATNIX, a company providing professional cybersecurity services, Abiral Shrestha explains how the spammers enter the webinars, “The organisers are not aware of preventive measures that need to be applied while organising the webinars. The spammers generally get into these improperly configured webinars. The webinars meant to be private to certain groups of people are also sometimes accidentally made public by sharing links publicly.”
How to identify the spammers?
Shrestha suggests the organisers can identify spammers by segregating the emails and usernames that look suspicious, tracking accounts of people trying to impersonate celebrities/politicians and analysing previous spamming activities of the viewers. However, he maintains, “During big public webinars, it can be quite hard to track them unless they make some abusive comments or share some malicious links.”
However, Sharma complains, “It is quite difficult to find who the actual spammers are because some of them have used authentic names, some of them have opened four to five tabs altogether. One does not have one particular style of identifying them.”
Meanwhile, Panjiyar shares his experience of tracking the spammers. “Firstly, the webinar was being recorded. So, we had records of their faces, names, and email addresses. Secondly, while entering the webinar, emails are saved for future use. Tracing such emails, we got such breachers.”
Why do they spam anyway?
Cybersecurity analyst Shrestha says the spammers generally spam webinars for monetary benefits. However, in the case of Nepal, they just tend to do it for fun and just to prove the point that they can, he believes.
In addition, Sharma and Panjiyar have noticed that most of the spammers were minors; they were either +2 students or undergraduates unaware of the consequences and laws.
Panjiyar views, “Their motive is just to ruin the events happening digitally. Maybe they are not able to tolerate productive activities going on during the lockdown.”
Sharma agrees, “Their sole intention is to disturb the webinar. Rather than blaming the weakness of any such video conferencing platform, the main problem lies within the mindset of such intruders. Some of them also claimed they did so as they were bored.”
What does it matter?
Though the spammers do not have any serious intention behind their activities, they have a serious impact on the effectiveness of such online events, according to the organisers.
Sharma asserts, “The entire hard work in hosting webinars goes in vain after such interventions from the spammers. Such incidents let the confidence of the hosts down.”
She also fears that such incidents might give a negative impression of the entire country to foreign participants. She narrates, “On that particular day, we had a foreign facilitator from Sri Lanka, currently living in Australia and working for Microsoft. He was constantly asking, ‘Are such activities normal in Nepal?’ Despite the constant disturbances, he continued his presentation until the situation went out of control and the webinar got terminated.”
“As all the international speakers may not have any idea about Nepal, we are worried that they might judge our country and the people through these incidents only,” opines Sharma. Panjiyar also adds, “It is a matter of shame for the organisers as well.”
He also narrates a similar experience, “As one of the speakers we had was the Assistant Dean of the Institute of Engineering (Tribhuvan University), he was disappointed and embarrassed because some spammers tried to politicse the event. Likewise, one of our speakers left the webinar halfway. Also, we had many female participants, and using vulgar words made them leave.”
“One of my team members was with his family, saying we have organised such a great event. Just think, what might have happened to him and his family,” asks Panjiyar.