Profiling The Latest Social Media Predator: The Carpetbomber

Recently, we constructed a profile of an online predator known as a catfisher.  Recapped: one involved in this activity creates a fake profile (or uses his real name but provides very little verifiable personal information) and pursues unwitting targets via social media for his own selfish reason – whether it’s attention-seeking, pursuing an offline sexual encounter, a money grab, etc.  We previously provided these tips on identifying catfishers:

How To Spot A Catfisher:

1. Caginess about life details: Marital status, age, location, field of employment, etc.

2. Has few photos of himself.

3. The few photos that he has posted aren’t usually of him with consistent people in his life.

4. Few, if any, posts on his timeline denoting real time activities with friends and family.

On the heels of the Catfisher, we’re now encountering cases involving the “CarpetBomber”.  Having undoubtedly catfished to select his targets- he friends them on Facebook, Twitter, Instagram, etc. and gains access to their cell numbers – he then claims to not be on that social media platform any longer.

How To Spot A Carpetbomber:

1.Texts seemingly innocuous (“feeler”) messages during off (evening/late night) hours.

2. Engages the target, over the course of time,  in more revealing, confidential conversations.

3. Builds on this “trust” and becomes more demanding – pushing the target’s comfort zones.  (The carpetbomber generally employs passive/aggressive control over the targets- complimenting upon cooperation; punishing the unaccommodating or reluctant with silence, withholding, disrespect, etc.)

4. Portrays himself as a “giver” to others – emotionally, physically, financially, etc.,  – yet he mostly demands from his targets.

5. Off kilter messages. Very few people can maintain fluid simultaneous multiple conversations.  In identifying a carpetbomber, look for texts that seemingly make sense but are slightly out of context or the timing is delayed or off.  While texting can lend itself to misunderstandings, it has a logical flow.  Carpetbombing does not follow a normal conversational stream.  It is often stilted, with the predator apologizing for “mistakes” and often blames the technology, trying  to appear self-effacing re: his tech skills.

6. Almost all communication is in writing; either by text or email.  The carpetbomber is messaging several targets at once –  impossible to do by phone.

7. Uses messaging apps with secret chats (which he can permanently delete on both ends), such as Snapchat or Telegram.

Don’t be fooled by this ever-evolving predator; he knows exactly what he is doing, what he wants and considers himself an expert on human nature- i.e., perverting its base instincts and innocence.

Bottom line: If it doesn’t read right, it’s usually not.  Keep an eye out for especially emotionally vulnerable people. If a loved one or a friend is becoming secretive, experiencing personality shifts, operating at strange hours… find out with whom they are communicating.   Perhaps an earlier intervention can preclude a damaging result.

BNI Operatives: Situationally aware.

As always, stay safe.

What You Need to Know About Text-to-911


The FCC encourages emergency call centers to begin accepting texts as text providers develop text-to-911 capability, but it is up to each call center to decide the particular method in which to implement and deploy text-to-911 technology.

FCC rules require all wireless carriers and other providers of text messaging applications in the United States to deliver emergency texts to call centers that request them. If a call center requests text-to-911 service, text messaging providers must deliver the service in that area within six months.

To check to see if the 911 call center in your area supports text-to-911, download the FCC list of areas supporting available service (updated monthly). But even in areas where call centers accept text-to-911, existing voice-based 911 service is still the most reliable and preferred method of contact.

How to contact 911

If you use a wireless phone or other type of mobile device, make sure to do the following in an emergency:

  • Always contact 911 by making a voice call, if you can.
  • If you are deaf, hard of hearing or speech disabled, and text-to-911 is not available, use a TTY or a telecommunications relay service, if possible.
  • Remember that in many cases you cannot reach 911 by sending a text message.

Bounce-back messages

If you attempt to send a text to 911 where the service is not yet available, FCC rules require all wireless carriers and other text messaging providers to send an automatic “bounce-back” message that will advise you to contact emergency services by another method, such as making a voice call or using telecommunications relay service (for persons who are deaf, hard of hearing or have a speech disability). Bounce-back messages are intended to minimize your risk of mistakenly believing that a text to 911 has been transmitted to an emergency call center.

Which service providers are not required to support text-to-911?

  • The FCC’s text-to-911 rules do not apply to text messaging applications that do not support texting to and from U.S. phone numbers.
  • Text messaging apps that only support texting with other app users or texting via social media are not required to support text-to-911.

Bottom line: In an emergency: Call if you can, text if you can’t.


BNI Operatives: Situationally aware.

As always, stay safe.

Tactical Trainer, Christian Swann, on NSA-resistant Communication Encryption.

(This week, we bring you an informative article on protecting sensitive client data from our friend and one-woman whirlwind of accomplishments, Christian Swann (featured below): Christian is a writer, mom, edged and blunt tool instructor for law enforcement and the military, and a risk mitigation security and vulnerability assessment specialist.


Be vigilant about protecting sensitive  client data with these tools.

 I wrote an article not long ago about protecting our personal and sensitive important information. As some of you are well aware, once your data is out there, it’s out there. From the first click of the “check out now” button, you are being traced, watched and analyzed. From how much you spend, where you shop, to your favorite products to your prime shopping time – you’re being tracked. But that’s just one aspect of this passive monitoring.   Big Brother (e.g. and fact, as we now all know,  the NSA) has the capability and may not only watching but also listening, recording and even transcribing your confidential client conversations.

What about when it’s not only your information that is being tracked, but your clients’ confidential information is at risk of also being recorded? As a risk and security director of a multi-million dollar company, it is one of the toughest questions and concerns I have. I’m in constant contact with high-profile clients and sensitive data.

The good news for lawyers, corporations and medical professionals, concerned about maintaining their duty of confidentiality is that there are tools and safeguards now to help them.

Legal and risk management specialists, such as myself, need to be very aware of the possibility (or now, probability) of  their communications being intercepted by empowered governmental agencies.  Given the ever-changing, nebulous status of agency data collection laws, legal professionals have to deal with the ambiguity of this usage of collected data –  while contending with the secretive nature of intelligence agency operations, as well as the U.S. Foreign Intelligence Surveillance Court that oversees surveillance warrants.

Lawyers –  and anyone for that matter – should assume all of their conversations are subject to covert surveillance an should  take steps to protect confidential information.

I can’t stress enough that all pertinent emails, electronic messages and communications should be encrypted. There is no shortage of available encryption hardware and software, and I highly recommend using an encryption service such as ZixCorp or the open-sourced TrueCrypt: (Warning: this is an open source method and may not be as stable as desired.) Platform-specific devices are also available, such as, Apple’s FileVault.

“One can also purchase self-encrypting hard drives such as the Seagate Secure and already-encrypted flash drives – e.g.,  IronKey from Imation Corp.  and encryption software such as Symantec Whole Disk Encryption and Sophos Ltd.’s Safeguard“, says Lina Maini of Beacon Network Investigations, LLC.

As for passwords, I recommend a more secure method of authentication, such as security tokens or USB tokens.

Perhaps apparently, I’m a big fan of firewalls, and encrypting everything networked – from email to any and all telecomm technology apps.   I’ve also become a huge fan of the company Silent Circle. One of my favorite features of Silent Circle’s service is the ability to program burn settings.  I.e., one I’ve  sent any type of message: email, text, audio, it is then encrypted and will burn itself at the pre-set time. I’ve chosen.

Many people forget that one a voice message, text or email  has bent sent, that data  has to go through a provider, e.g.,  Apple, and is then is transferred back to the end-user, therefore leaving data footprints that can be copied.

For professionals that mainly communicate via phone, relief from eavesdropping is on its way. This month: Spanish smartphone company GeeksPhone and software company Silent Circle launch Blackphone, an encrypted smartphone that protects phone calls, text messages, emails and Internet browsing. Using VPN technology, Blackphone promises to be an NSA-resistant phone.I’m looking forward to ours arriving soon.

%d bloggers like this: