Online security firm Sophos has a pretty good PR schtick: Find an online scam or security threat, post a press release warning of it, and watch the press pick it up.
Last week, though, the company went too far and put out a release that could get it sued.
Sophos on Jan. 24 posted one of its typical scam warnings based on a report of a Michigan county treasurer getting arrested for allegedly having fallen for a Nigerian 419 scam.
Thomas Katona, 56, of Harrisville, MI, was arrested for embezzling more than $1.2 million in public money to invest in a Nigerian 419 advance-fee scam, according to Michigan’s attorney general, Mike Cox.
Katona, who is the former Treasurer of Alcona County, MI, was charged with nine counts of felony embezzlement of public money, each of which carries a possible jail sentence of 10 years, and one felony count of forgery, which carries a possible jail sentence of 14 years, Cox said in a release.
Thing is, Sophos reported Katona’s alleged arrest as fact without sourcing Michigan’s attorney general. This is a very dangerous and stupid thing to do.
First—if you’ll excuse quick diversion into journalism 101—Sophos left out Katona’s age and city. What if there are multiple Thomas Katonas in Michigan? Guess what: A search of WhitePages.com brings up six. Five of these guys now may have reasonable grounds to sue.
Also, by failing to source Cox’s office, Sophos is being dishonest—albeit possibly unintentionally—by pretending to have done some reporting it didn’t do.
Moreover, what if Katona isn’t guilty? What if he was the recipient of Michigan’s annual Rescuing Kittens from Trees award but a clerical error resulted in his name being in Cox’s release? And what if Cox is just plain off his rocker?
It wouldn’t be the first time a U.S. attorney general wrongly accused someone of a crime. In fact, they seem to do it reasonably often.
This is why reporters use attribution—sometimes to an annoying extent.
In any case, Sophos’ cheap effort at getting press paid off. Several news outlets—Security Pro News, for example—reported the Katona story and sourced Sophos.
Let’s hear it for lazy-assed reporting and the companies that know how to exploit it.
Network
