
Verify, Then Trust - Rick Jennings

BSides Cymru Wales · 27:06 · 211 views · Published 2023-04

Right, so for those of you who haven't heard of me, uh, who may have done that, I am fairly well known. Reasons you should listen to me: I've got a PhD interception and female fraud around identity and academic credentials. I wrote a book which was a bestseller briefly, called When You're Not You; sadly I can't get any copies from the publisher to bring here. I've got 57 journal articles on fake credentials, and I'm part of an AI AG expert panel on academic integrity.

So I just want to kick off with a few questions for everyone. First of all, who's heard of academic fraud? Yeah, so people creating credentials, using false credentials. Uh, who's worked with think tanks? Many think tanks are genuine; many think tanks are actually just publicity vehicles which will do the same sort of thing, lend their credibility to people, you get the idea. Who cares written my book? A couple of you at least. Disappointed. Uh, who's read any of my other work? Who's heard of me before? And who checked my background for coming along to this talk?

So my actual name is James Bore rather than Dr Rick James. Hopefully, I know some of you recognize me; hopefully it's a surprise to most of you, because I did actually shave for this door it was a new insect fight, and it's going to take days to fix. And no, I'm not a doctor. I want to make that extremely clear now: I do not have a doctorate. The reason I want to make that clear is we have this lovely law in the UK about fraud by false representation, and the bit I really want to emphasize is that for this talk I am getting no personal gain and I am not going to accuse anyone of any particular actions which are covered in this talk, because that would be attempting to cause someone a loss, which would mean, by using a different name and pretending to have a title just for the few minutes at the start of the talk, I would be committing fraud by false representation, and if someone was really pissed off they could probably make a case of it. So I just want to emphasize: no gain, not trying to cause
anyone a loss, no intention to deceive.

Uh, why am I qualified to talk about this? Well, I'm a decent poker player. I don't have to explain myself to a boss, so no one's going to fire me, which is great. I was willing to shave to try and disguise myself, and also put on a hat and pin my hair up and even dress in very boring clothes compared to normal. I'm a certified CISCP either CCS, and I also won the cyber security shirt of the year in 2022. In case you're wondering, those last two bits are also completely falsely generated, but the certificate there did get over 100 likes in the gym and a lot of positive comments, so I feel it makes my point.

Um, imposter syndrome. You hear a lot about imposter syndrome. It is a genuine problem; it does affect people. It's when you doubt that your credentials are valid, that any evidence, any experience you have actually makes you belong in a particular group. Uh, you feel like you don't belong, like all of your peers are better; you reject compliments and awards. Now, plenty of awards should be rejected, towards the pay-to-play ones definitely, but people will reject other rewards. They'll say, oh, I don't deserve this. No, you do. There's an aspect of it which doesn't get talked about so much, which is that it can lead to people having this constant need to gain an exponential gain the next certificates you the next thing, because that will mean they're not an imposter. A fear of being exposed as a fraud, that's extremely common, and a need to constantly justify to yourself. So these are all aspects of imposter syndrome; there are many more.

Slight problem: there's also not-imposter syndrome. Now, some of the people who suffer from not-imposter syndrome will say they suffer from imposter syndrome to fit in. I, by the way, do not actually suffer from imposter syndrome, I'm very lucky that way, um, except when I'm pretending to be someone else. So, the symptoms of not-imposter syndrome: doctorates and professorships from degree mills. So you will see people who say, oh, I'm a professor of this
University; you look into the university and it doesn't exist, or it's registered in Panama, or it's part of a network of distance learning universities which do two-day seminars to give people their honorary doctorates, or various other things. A lot of the time people claim a professorship rather than a doctorate, because professor is a job title and is not protected, whereas claiming you've got a doctorate, that's a credential, and that before or false representation, so it's actually illegal. But there's plenty of fake book toots out there as well.

Uh, fellowships and memberships of bodies that barely exist. LinkedIn is the best place to see this one: you'll see people being fellows of various societies. Now, you can be fellows of societies, that's fine, that's great; when the society has two members, not so much. Uh, the other classic is the CEO of a Discord server.

Pay-to-play or entirely fake awards, like my, sadly, my best shirt inside the world. But again, you can generate these themes and you can pay for them, or if you want to save yourself paying for them, I'm a photo studio spend 10 minutes on Canva tickets.

False certifications, like the CISCP, no trademark infringement there, from the CCS, who don't exist you wondering, just in case you've not picked them up from the talk so far. Fake certifications also come even when people are claiming real credentials instead. So people claim they've got assist; you can validate that, you can check it and note it it's nowhere. A lot of the time people don't pull up the hate Think Tank test.

Now, this one is a pet peeve of mine. There are think tanks out there which are completely fake, just generated in order to give people credibility. There are few things out there which are funded by very specific bodies to drive agendas. There is a lovely one in the States who are very much against any sort of minimum age; they were founded by a key also on behalf of employers who have McDonald's. That is public records, so I can turn it back Lane and linked influencers
with all of that lovely, lovely content which means nothing, and 2,000 sources you should check to learn cyber and belong in cyber.

And of course marketing: marketing, misinformation and fraud. Everything is down to this particular technical issue, which I will not name, because some of you may associate that with someone, and as I said, I'm not accusing individuals. But everything's down to this issue; use my tool to scan for it and fix it, and if you don't fix it then you're a bad person that will write a letter in LinkedIn.

So again, about integrity and verification: for an industry about information security, we are really, really bad at this stuff. We are awful at information integrity and verification. Uh, does anyone here know the author of that quote? Yeah. The rest of you need to go and watch Netflix or buy the books; they're brilliant.

Red flags: how do you tell if someone is faking things? Well, properly some people are just confident in potential and looking skill I told anyone extreme kinds of confidence. Anyone saying they are excellent at everything, that they've got the whole amount of pet super credentials, immediately be suspect. No one's that good. I don't care but Albert Einstein was a specialist, it wasn't everything, and he certainly would be comfortable there's a lot of things outside of his field. That will apply to other people. Anyone who's always suggesting that comments and always suggesting they're an expert; if you are a fan of fan fiction, Mary Sue is the example after competence, but with a few little endearing flaws in order to make them seem human.

I'm right, everyone else is wrong. Now, for some of us that's absolutely true, but most of the time it's a red flag number one inside. So if you're seeing someone saying, no, I'm right, all of these other people are wrong, is a problem.

Alphabet soup: you've seen the long, long lists of credentials on LinkedIn. Anyone who has seen Red Dwarf? I don't realize how many people have had and Ron swings certificate Silver Springs. And excessive
senior advisory roles. Now, there are people who said there are people who sit on multiple boards of companies that don't really exist, like that CEO of a Discord server, and there are people who don't actually have those positions because they're, they're quite aren't terrified. You can go to a university and say, did this person study there, and they will then say, we can't tell you, because you need to go and ask for that consensus. Go and ask them send them they say, oh no, because I don't have to prove myself to you, doing something, or they say, oh yes, absolutely, and then they have to do anything about it. They're so wrong it's like all they say, yeah, I'll just write an email and copy you in, like that's a good song. But writing to a company and saying, does this person sit on your board of unofficial devices official advisors, today what can I tell you, and for good reason.

Um, bullying behaviors are another one. Many of the people who are doing this sort of academic fraud, credential fraud, impersonation, they will actively bully anyone who calls them out on it, and unfortunately a lot of the time they have large followings because they've managed to invest people sense because I've impressed a lot easily lit, and so they will play the victim and say, look, this person, these people are attacking me, go and ask her, and that can turn into really thirsty.

Organizations that barely exist. Companies House is an excellent resource. If someone claims that they are a part of an organization in the UK, you can look it up in Companies House. It doesn't exist, it doesn't exist. It exists and it's dormant, then it's not operating, then using that name is actually a problem that hlc would be interested in. And it exists and they've got a whole total of one pound share capital and Joel can take me back.

All of that lovely Star Trek stuff: if people were throwing out technical terms, particularly if they're technical terms that don't seem to make sense or relate to the issue, another lovely red flag.

So let's do about
it? Well, be aware, and this is important, be aware: calling it out can make you a target. Decide whether it's worthwhile. A lot of the people who do call it out work for large companies with large legal departments and have the support of those companies to do it. If you aren't in that session then there may be things that you should think about first. But I hate to say it, because it sounds cynical, it sounds horrendous, but it's not worth it unless you know you've got the score or if you're comfortable with aggressing.

And for academic extensions: if someone claims to be a prominent academic, search for journal articles, search for papers, Google Scholar. They've not got many authorships or any, then there's questions to be asked about whether they're really a practicing academic. Now, I know there's issues in academia about publishing be damned and hopefully much weight on research, but if you are claiming to be a professor or a doctor in a particular subject, you will have at least two or three obstacles somewhere, you will have words published.

Uh, verify any organizations exist beyond the WordPress site. The WordPress site or similar is always a popular one for making sure that there's a website up there. So just do something that is what we do.

And very important to speak with people you trust, and I do mean personally trust, for support and reality checks. It can happen, it can be wrong when we're going through a Q7 or something like this, so make sure you get that reality check. Ask: am I doing the right thing? Am I being plausible? Am I getting overly concerned because they did this and that upset me, that bothered me, and therefore I'm now doubtful about everything? And yeah, you could be wrong. Verify before accusing anyone, verify before calling anyone out, and keep the seats, keep the evidence of the profile that they had for that longest potential potential, because sometimes when people get out without just one else and say, well, I never did what they're accusing of, look, they're trying to help
me, they're trying to attack me, they're trying to discredit me, I want 50 000 followers don't get.

So with all of that, that lovely depressing talk, uh, what else does anyone like to know?

[Music]

And that would be varying by state, so there are different ones for different states. Some of them are public, some of them aren't, but there's usually some way that you can check if a company exists. There will be some established public records of it; it just may be difficult to access.

[Music]

There's various reasons. So one is that you can found a company for free, effectively. I mean, Companies House have a charge, but if you register through Tide or Countingup, the one for business banks, and they will give you a bank account, handles the company information documents; it's a free offer to open new account, which is lovely of them. So there's zero cost, and then you have a company number recording Companies House that people often don't bother checking the credit history accounts. Then you're not going to be taxed on anything that brought in, you're not going to have anyone coming off to you for debts, particularly recently over the last few years, all of those lovely Eternal checks but afford it out of and bounce back loans. I mean, I think it was sometimes six billion hours before that they chose to write off. So that's the type of reason: it's a disposable vehicle to do something and then disappear. And Companies House do not check identities, and I couldn't think of the reason is to why you want to do that if your goals were so I will be fair to some of them, and there are companies that still talk but people have second call so it goes wrong and they vote, but generally they won't then start up at very similarly known company. And I mean, you'll be aware that there's a long list of Chinese named companies which appear to be generated.

So there's various things I can think of. One is a sort of extreme version of imposter syndrome where they just decided to go all in and embrace it. One
is insecurity. Major one that I see is personal profile, fantasy and profit. So it's trying to say, yes, I'm an expert, yes, I'm the best in the world at this thing, and like me, Dr Rick Jennings, who's especially because so is trying to get that reassurance, and is marketing, it's making money. He can make claims about products. I'm sure everyone here can think of one or two companies without land disclaims, some of which are very large pieces and some of which are very small and just an individuals and friends trying to sell something that isn't that special, but they can convince people it is by chatting and writing better.

Okay, um, why do they trust, right, they're going to victims trust? Well, as I said, we are very bad in this industry at verifying and integrity of the information. I can almost guarantee, uh, if you're on LinkedIn and have a reasonable size network, there are a few people in there who aren't what they say they are, don't have the expertise they act like, particularly if they're very loud about it. So the reason we trust is because, honestly, we may or may not have imposter syndrome, but we are in Light Social proof, we like evidence, and once you've got a few people who've seen something like that, when you've got that whole people pulling out, you don't want to be fooled. So being called out will tend to make us commit more, and this has been evidenced many times over the years by cults. So there's been cults who predicted the world would end when a comet went overhead, and there was a lovely piece of research done by reporter on it. After the comet went overhead and the world did not end, they became more convinced. It is like sold houses, they cut ties with family and committed to this costs, so surely they were right and it was just their favorite instead. And it's a very similar thing that cultural personality can be incredibly convincing, and if why it is so effective because you will get Dramatical people essentially coming after you if you don't have Frozen.

[Music]

So my first
question is: in the UK, is it only the government that can verify a degree without you giving consent? Because I know that for sure, because I for my citizenship application, nobody asking for consent, they probably checked it without it.

So it will depend on the university and what their policy is. Um, law enforcement, governments and companies may have agreements and say we've got someone applying, but it will be down to the individual university. Usually it's, if you are an individual asking to validate someone's credentials, they will always say yeah; if you're a company and you're well established or have an existing relationship with the university, they know that you're doing it for a valid reason, they know that it's not going to be such an issue.

Is there a central register for some benefits who like who put the degree number, you get like a verification on the website of the Ministry of Education, for example?

And there are attempts to build one in some universities have signed up to one or the other that there is no single center register that unaware of. There may be, uh,

[Music]

The second question is about people, as you mention that they're sometimes when some when there is an imposter there are people who are trying to pull them out, and then of course they're trying to express the person. Is there any, what's the explanation of the opposite, when someone is a German and then you have people who are trying to, to make you like destroy his, his reputation by, by calling him out of being an imposter, and they probably know that but they have some other reason to put them down?

So there's plenty of reasons to discredit that. If it's someone who's actually an imposter trying to discredit someone, and does anyone know the game King of Hill? Yeah, try to be the one standing on the parcel at the end. There are a few better ways to establish credibility and authority in people's minds than taking someone down. We are naturally competitive Fishers creatures. I mean, we're also lovely creatures and we
do social bonding and all sorts of things really well, but we do have flaws. So someone taking someone down or just predicting someone, that buys them credibility, because it means you don't trust them so you must trust me.

Anyone else?

See people getting included up and social media lists, but so for example I, I want something through the other listed at 100 sizes.

[Music]

It can be, um, I mean that's more related to journalism. So for a mixture of reasons: if I'm a journalist, firstly it's a content to write, it's really easy, and long lists are something that people just click through and get your advertising revenue. The other thing it does is, let's say I'm trying to convince someone that I am a racing so so I do a list of the top 100 and put myself somewhere around number seven, then all of the others I actually find people I think do carry credibility, because I'm in that group now, up stolen what they've done and tied it to myself. The other thing is sometimes gym is just deadlines and they're desperate and they wrap nails and don't really verify them. Like I said, we're really bad at integrity and verification. Um, but yes, because I agree, I was put on a list of, I think, top 10 LinkedIn influences inside the security, and I've never been an influencer in my life.

[Music]

Don't laugh is I hate that word, I hate that concept. And anyone else?

[Music]

But why didn't

Because the laws and procedures governing Companies House are massively antiquated, not really kept up, and there's no real incentive for them to do so, because they're not affected by the falls and it brings a lot of money to you today, a huge amount of money. The other thing is you can appoint someone as a director of a company without them even knowing, because you don't require their signature. So yeah, with those Chinese companies, many of them are actually assigned to directors who aren't even when they exist; some of the directors don't exist, but some of them just live in the UK and their details have been dropped in, right,
and of course if you're a director