- California aims to strengthen data breach notification law Thursday 5:37 PM
- Feds say college student operated drug business through gaming app Thursday 4:36 PM
- Trump is again using old videos to claim his border wall is ‘under construction Thursday 4:05 PM
- Laura Loomer led a second protest at Twitter yesterday Thursday 3:37 PM
- The eyes have it in these ‘Alita: Battle Angel’ memes Thursday 2:13 PM
- Facebook let advertisers target users interested in infamous Nazis Thursday 1:58 PM
- Dem senator promises to put net neutrality on the ‘political hot seat’ in coming months Thursday 1:28 PM
- Someone figured out that Toothless from ‘How to Train Your Dragon’ looks just like Bulbasaur Thursday 12:44 PM
- Disturbing Snapchat video shows 17-year-old throwing dog on trampoline Thursday 12:16 PM
- How to watch the new Bon Appetit channel for free Thursday 12:03 PM
- Eminem disses Netflix for canceling ‘The Punisher’ Thursday 11:50 AM
- Florida prisons sued for depriving inmates of music they paid for Thursday 11:36 AM
- Chris Hemsworth will become Hulk Hogan for Netflix biopic Thursday 11:29 AM
- Fortnite just introduced a K-Pop skin, and here’s how to unlock it Thursday 11:06 AM
- The YouTuber who exposed the site’s ‘softcore pedophile ring’ is under attack Thursday 10:39 AM
Spam Twitter account merchants are driving a $460,000 black market.
There are millions of spam profiles littering Twitter, and they’re practically unavoidable. But who’s behind this army of bogus accounts?
A research team announced Wednesday it’s finally traced these default-egg-avatared nuisances to their source, and their findings could help cut Twitter cut spam off at the head.
The researchers bought $5,000 worth of phony Twitter accounts from 27 online vendors for just 2-10 cents each. All told, that amounted to 120,000 accounts over 10 months. Their goal was to figure how to identify fraudulently registered accounts. The stakes are high: merchants earn an estimated $460,000 in total annual income, while the spammers they sell to harass and annoy Twitter’s millions of customers.
The team—comprised of researchers from the University of California, Berkeley, George Mason University, International Computer Science Institute—found the merchants through search engine ads, spam forums, and freelance sites like Fiverr. The research was done in cooperation with Twitter, and the team presented the findings at the Usenix security conference in Washington, D.C. Wednesday.
Merchants are the ones who make and sell the fake accounts. Their customers are usually spammers, who use armies of robot accounts to automatically send scam links to Twitter users. Other customers use the dummy accounts to boost their follower numbers and seem more popular than they actually are.
Stopping the spammers is vital to cleaning up the community, but it’s not a simple task.
The researchers said account sellers used fake email credentials and tens of thousands of hijacked computers to avoid Twitter’s suspicions. Some merchants hoarded accounts for months to give them an air of legitimacy.
Using data it acquired by tracking these patterns, Twitter suspended 95 percent of all phony accounts. When the team purchased further accounts immediately after Twitter’s intervention, they found 90 percent were suspended by time of delivery.
The merchants were puzzled by the lost stock, though soon regrouped. The most prominent sellers were back in action within a few weeks, after figuring out new ways of bypassing Twitter’s defenses.
Twitter is working to integrate the researchers’ methods for finding phony accounts into its abuse detection system. But as long as there’s money to be made on the black market, scammers will find ways of creating spam accounts en masse.
Based in Montreal, Kris Holt has been writing about technology and web culture since 2010. He writes for Engadget and Tech News World, and his byline has also appeared in Paste, Salon, International Business Times, Mashable, and elsewhere.