A Case of Stolen Professional Identity
…or when a bogus review with my name on it was submitted to a journal.
Update: Please read how the same people tried it again, with another journal, in this post.
At the beginning of last month, just as I was starting to work part-time on my PhD again after maternity leave, a curious and worrying thing happened. My name – and, as such, my professional identity – was stolen and used in a bogus review for a journal submission.
How it Happened
The story begins with an email I received from an Editor asking me to confirm that I had recently submitted a review to his Journal. He was suspicious, as the email address provided for me was a gmail account rather than my institutional address. While my name and affiliation in the review were correct, the gmail address was not mine. A little while later, the Editor let me know that other reviewer email addresses were equally dubious, and at least one other person had confirmed that their professional identity had also been stolen and used to create one of the other reviews for the same submission.
The review itself was badly written and very short, and I am indebted to the Editor for catching the oddness of the email address and for delving into this situation so deeply. Despite all the help provided by author and reviewer databases, a little personal attention by editors goes a long way. This Journal’s rules for reviewing are pretty standard, and as with many journals, they allow authors to submit reviewer suggestions. I don’t think this practice should be stopped, as many research communities are relatively specialised or small, and you are more likely to get suitable reviewers if the authors are able to suggest options. However, abuse of this system is possible, and I would be very surprised if nothing like this scam has happened before.
It was caught early here, just after the reviews were submitted. The culprits were banned. Though I’m not privy to whether or not any further legal action can or will be taken, at least there was a positive result for the Journal. The only way it could have been caught earlier is if the odd email addresses were noticed at the point the reviewer names were suggested, rather than once the reviews came in. I sincerely hope there aren’t other bogus reviews out there in other journals using anyone else’s name.
I’d like to compliment the Editor and his Journal for discovering this unprofessional behaviour early on and for taking action. While it is a kind of dubious honour to be selected for such a scam (the scammers must think I’m a good reviewer choice?), it has been an uncomfortable experience for me personally. I expend a reasonable amount of effort on maintaining my professional online appearance. A search on my name retrieves mainly work-related hits, and this is a useful aid for both sharing work and finding other like-minded researchers. I assume this is how the scammers came up with my name, and the names of the others whose professional personae were misused in the same way. Such sub-standard reviews could harm the perception of the real researcher in the eyes of the journals concerned, and this is a worry.
Catching the Crooks
This isn’t a post on the purpose or usefulness of peer review. Whatever your views (and some are quite negative), the process is firmly entrenched in our community, at least for now. But how should we be working to prevent such scams in future?
Should journals require institutional email addresses? Should journals not accept email addresses from authors at all, and search for reviewers’ addresses independently? Certainly there are few reasons why honest reviewers would be using a non-institutional address, but is it a little too much to force such a constraint?
Additionally, there are many proponents of getting rid of anonymity in the refereeing process. Indeed, PLoS journals encourage reviewers to name themselves. Would be more difficult to perform this kind of a scam if the name of the reviewer were visible? What if the scammers managed to succeed, and the wronged party never noticed their name on that review, visible for all to see? It could be a real blow for professional reputations.
A Final Note
I’m happy that the wrongdoers were caught, and that the Journal and Editor were open enough about what happened to encourage me to write about it: they hope that this openness will make it harder for people to perform the same stunt again. Bad reviews lead to substandard papers being accepted, which lowers the standing of whatever journal publishes them: a bad outcome for the whole community.
Hopefully this will be a timely warning to others, as I’ve never heard of it happening before. Please let me know if you’ve ever had a similar experience, as I’d be interested to hear about it.
One final thought: having written a review in my name, do you think these scammers could write my PhD thesis for me too? Hmmm, perhaps not such a good idea after all….
What are your ideas? How could such a scam be prevented in future? Let me know about your suggestions on this topic, or your own experiences. Is this more common than we think? You can contact me via the comments on this post or via the various social networking methods I use. Further information is available from my About page.