How to Stop Spam |
Paul Judge, chief research officer for Barracuda, noted that Twitter is an attractive target because it is both a social network and a search engine. Barracuda cited the example of Download-Heaven, a site that was using a Twitter account to push links to hosted shareware filled with malware and Trojans.
In a presentation called 'The Dark Side: measuring and analysing malicious activity on Twitter', Barracuda Networks' research scientist Daniel Peck and chief research officer and VP of cloud services Dr Paul Judge claimed that with any website with user generated content there is a gap in trust among users, some of who are genuine and others who use them as a means to attack other users' accounts.
With account hijacking, what risk model is there? Peck said that millions of users accounts are created every day and for every 100 users, only one per cent had 1,000 or more followers. One example the company tracked was Download-Heaven, a site that was using a Twitter account to push links to hosted shareware filled with malware and Trojans. Barracuda looked for that sort of imbalance as it tracked a raw stream of data from Twitter. It also looked for accounts that had been unfollowed by a lot of users over time; such accounts have often been recognized by other Twitter users as bad news.
What Barracuda found was that just 43 percent of Twitter users could be classified as "true". These were users that had more than 10 followers, friends, and tweets. Much like trying to game conventional search engines to get new eyeballs, scammers were adding topic tags and/or popular words and phrases to tweets to get them to show up in the "Trends" field on Twitter pages and higher up on Twitter's search results pages.
To track how widespread this practice was, Barracuda began grabbing popular search terms on Twitter every hour, and doing searches for them on the site. Twitter accounted for 8 percent of this total, with the other search engines logging the remainder.
"Google didn't necessarily get better--there was more malware--basically Bing, Twitter, and Yahoo got worse. To Twitter's credit, the company has made several efforts to keep this malware at bay. It also employed its own link-shortening service that similarly vets links. The free Profile Protector scans both your Facebook and Twitter profiles and identifies users that are on the company's watch list.
By. How to Stop Spam