New types of fraud in the academic world by cyber criminals

In recent years, the academic world has faced many challenges such as a move towards online open access publishing, and researchers have tried to accommodate them. However, this has also created problems. For example, Dadkhah et al. (2015a) covered unethical behaviours in the academic world, including plagiarism, article sale, forced joint authorship, conversion of a journal in to a 'print machine', and invitations to invalid conferences. I believe that the main reasons for the above mentioned challenges do not belong to the publishers alone; unethical behaviour of some researchers is also to blame and can be effective in creating such challenges (Christova-Bagdassarian 2014, Shashikiran 2014). Valuable insights regarding journal quality in relation to these challenges, specifically 'predatory publishing' have been provided by Beall (2010a,b). There is not much research on the types of cybercrime in the academic world but there are 31 papers in Google Scholar, six papers in Scopus, and a paper in PubMed investigating hijacked journals. However, these types of 'scams' are increasing and it is necessary to expose them. Most of these frauds are clearly unknown to many researchers. In this paper, I discuss new types of fraud in the academic world and present general guidelines for preventing them. Most of these frauds are complex and require knowledge about information security and thus many researchers cannot detect them. Hijacked journals are fake websites that use the name and ISSN of authentic journals to cheat authors. These journals publish authors' papers without review by receiving money. There is some research regarding hijacked journals, but it seems that this is insufficient because the number of victims of hijacked journals is growing. Some authors (Jalalian accessed 08 October 2015) and GMP Review (Fake URL: http://www.euromed.uk.com; accessed 08 October 2015). Forgers cheat Thomson Reuters and indexed fake URLs by using some vulnerabilities in this scientific database. Currently, we observe a new type of hijacking. In previous hijacking methods, forgers used similar URLs to authentic journal URLs or created the website for journals that did not have a website. In the new hijacking method, forgers search in Thomson Reuters to find expired domains, which previously belonged to actual journals, then register them. When these expired domains are re-registered, authors will find the hijacked version of the journal in Thomson Reuters and think that it is the authentic version of journal. We list some examples of hijacked journals that forgers are using in this way: Journal of Veterinary Dentistry- ISSN: 0898-7564, Hijacked and indexed URL in Thomson Reuters (Fake URL: http://www.pspcommunications.com; accessed 08 October 2015; Authentic Version URL: http://www.jvdonline.org; accessed 08 October 2015); Intelligent Automation and Soft Computing – ISSN: 1079-8587 (Fake URL: http://autosoftjournal.org, Authentic Version URL: http://wacong.org/autosoft/auto/index.php); GMP Review – ISSN: 1476-4547 (Fake URL: euromed.uk.com, Authentic Version URL: http://www.euromedcommunications.com; accessed 08 October 2015). For detection of journals hijacked by this type of hijacking method, authors can use the Whois database (http://whois.domaintools.com/; accessed 08 October 2015). If the domain creation date does not match the years in which a journal has issues, the reviewed URL is fake because when an expired URL has been registered again by another person, the domain creation data will be changed to the most recent registration date. Also, editors of journals must inform scientific databases, such as Thomson Reuters, of any change in their journals' URL. Currently, forgers are attacking researchers for financial reasons. They gather list of emails addresses related to authors and send deceptive emails. They gather these email lists from open access journals with the use of specialized software. After collecting authors' email addresses, they send emails to authors and try to cheat them by sending fake PayPal invoices or phishing (Martino accessed 08 October 2015). By using the Whois database, an author can search the domain and receive related information; if the domain registration time is less than a year, the reviewed site is suspicious. According our inspection, an authentic proof reading site has more than one page ranking. I have introduced the types of cybercrime in the academic world and presented general guidelines for detecting them because I find that there is a lack of knowledge in the academic world regarding cybercrime. It is necessary that researchers know about cybercrime, otherwise they may themselves become victims. In addition, cybercrime has an adverse effect on the quality of academic resources. For example, published papers in hijacked journals may be indexed in scientific bases and be cited in future papers. Working to assess other aspects of cybercrime continues.