Categories
Housekeeping & Self References

A new journal, a new bogus review: again, the culprits are banned

This is an update on an earlier post, A case of stolen professional identity, which is just a little too long to add directly to the original post.

Last month I received a request for review. But it wasn’t just any request: the title looked suspiciously similar to the title of a paper whose review I had been asked to confirm back in March. In the original incident (described here), the culprits were found to have created a false gmail account for me and submitted my name as a reviewer with that false email account. They were banned from that journal (let’s call it Journal1). I really didn’t think they would try again, at least not with the same fake review setup (specifically, my name and a false email account).

But they did.

Journal2 sent me a standard review request in June. It turns out that behind the scenes, a bogus email address was used, though I’m not sure it was the same one used for Journal1. The affiliation that was provided to Editor2 by the author of the submission appeared strange to him, and so Editor2 searched for me online and found my institutional address. And, as with last time, mine wasn’t the only identity used fraudulently. I noticed the similarities, and I put Editor1 in touch with Editor2, they compared notes, and discovered it was the same paper, the same authors, and the same trick being attempted again.

Turns out fake emails weren’t the only fake thing about them. Though I don’t know the details, I believe there were also fake phone numbers and perhaps fake affiliations.

The authors have been formally banned from Journal2 (as happened with Journal1), and I have to say I wanted to cheer when I saw the words “Please note that this type of behavior is not acceptable in science and will not be tolerated.” Editor2 is going to move things forward, including bringing it to the attention of the Committee on Publication Ethics. I am also looking into ways to take away the false gmail account from whoever owns it, so that hopefully at least that permutation of my name cannot be used again. However, that isn’t a practical solution in the long term, as there are many, many possible permutations.

I had hoped it wouldn’t happen again, but it has, and quickly. Seems like the single thing that would help the most, while needing the smallest change to the existing system, would be to require institutional addresses. Additionally, open peer review might help, though you’d have to do a regular search to ensure that someone didn’t publish an open peer review pretending to be you. My thanks go to both Editor1 and Editor2 for allowing me to, once again, write about these experiences. With knowledge comes great responsibility, yes, but also forewarning.

And I hope it doesn’t happen again. Again.

Categories
Housekeeping & Self References

A Case of Stolen Professional Identity

…or when a bogus review with my name on it was submitted to a journal.

Update: Please read how the same people tried it again, with another journal, in this post.

At the beginning of last month, just as I was starting to work part-time on my PhD again after maternity leave, a curious and worrying thing happened. My name – and, as such, my professional identity – was stolen and used in a bogus review for a journal submission.

How it Happened

The story begins with an email I received from an Editor asking me to confirm that I had recently submitted a review to his Journal. He was suspicious, as the email address provided for me was a gmail account rather than my institutional address. While my name and affiliation in the review were correct, the gmail address was not mine. A little while later, the Editor let me know that other reviewer email addresses were equally dubious, and at least one other person had confirmed that their professional identity had also been stolen and used to create one of the other reviews for the same submission.

The review itself was badly written and very short, and I am indebted to the Editor for catching the oddness of the email address and for delving into this situation so deeply. Despite all the help provided by author and reviewer databases, a little personal attention by editors goes a long way. This Journal’s rules for reviewing are pretty standard, and as with many journals, they allow authors to submit reviewer suggestions. I don’t think this practice should be stopped, as many research communities are relatively specialised or small, and you are more likely to get suitable reviewers if the authors are able to suggest options. However, abuse of this system is possible, and I would be very surprised if nothing like this scam has happened before.

The Outcome

It was caught early here, just after the reviews were submitted. The culprits were banned. Though I’m not privy to whether or not any further legal action can or will be taken, at least there was a positive result for the Journal. The only way it could have been caught earlier is if the odd email addresses were noticed at the point the reviewer names were suggested, rather than once the reviews came in. I sincerely hope there aren’t other bogus reviews out there in other journals using anyone else’s name.

Personally Speaking…

I’d like to compliment the Editor and his Journal for discovering this unprofessional behaviour early on and for taking action. While it is a kind of dubious honour to be selected for such a scam (the scammers must think I’m a good reviewer choice?), it has been an uncomfortable experience for me personally. I expend a reasonable amount of effort on maintaining my professional online appearance. A search on my name retrieves mainly work-related hits, and this is a useful aid for both sharing work and finding other like-minded researchers. I assume this is how the scammers came up with my name, and the names of the others whose professional personae were misused in the same way. Such sub-standard reviews could harm the perception of the real researcher in the eyes of the journals concerned, and this is a worry.

Catching the Crooks

This isn’t a post on the purpose or usefulness of peer review. Whatever your views (and some are quite negative), the process is firmly entrenched in our community, at least for now. But how should we be working to prevent such scams in future?

Should journals require institutional email addresses? Should journals not accept email addresses from authors at all, and search for reviewers’ addresses independently? Certainly there are few reasons why honest reviewers would be using a non-institutional address, but is it a little too much to force such a constraint?

Additionally, there are many proponents of getting rid of anonymity in the refereeing process. Indeed, PLoS journals encourage reviewers to name themselves. Would be more difficult to perform this kind of a scam if the name of the reviewer were visible? What if the scammers managed to succeed, and the wronged party never noticed their name on that review, visible for all to see? It could be a real blow for professional reputations.

A Final Note

I’m happy that the wrongdoers were caught, and that the Journal and Editor were open enough about what happened to encourage me to write about it: they hope that this openness will make it harder for people to perform the same stunt again. Bad reviews lead to substandard papers being accepted, which lowers the standing of whatever journal publishes them: a bad outcome for the whole community.

Hopefully this will be a timely warning to others, as I’ve never heard of it happening before. Please let me know if you’ve ever had a similar experience, as I’d be interested to hear about it.

One final thought: having written a review in my name, do you think these scammers could write my PhD thesis for me too? Hmmm, perhaps not such a good idea after all….

What are your ideas? How could such a scam be prevented in future? Let me know about your suggestions on this topic, or your own experiences. Is this more common than we think? You can contact me via the comments on this post or via the various social networking methods I use. Further information is available from my About page.