Tag Archives: spam

Facebook bans hundreds of clickbait farms for ‘coordinated inauthentic behavior’

Facebook has announced a relatively small but significant purge of bad actors from the platform: 810 pages and accounts that have “consistently broken our rules against spam and coordinated inauthentic behavior.” It may not seem like a lot, but it sounds like the company is erring on the side of disclosure even if the news isn’t particularly hard-hitting. These were not, as far as Facebook could tell, part of an organized nation-state effort or political interference campaign, like the Iranian and Russian groups previously highlighted in these ban alert posts. These are pages that use networks of fake accounts and pages to drive traffic to clickbait articles strictly for the purpose of ad revenue. Facebook and Twitter remove hundreds of accounts linked to Iranian and Russian political meddling 810 can’t be much more than a drop out of the bucket of fake accounts on Facebook — of which there are millions — but the company’s focus right now isn’t individual bad actors but coordinated ones. A few hundred accounts working together to do a bit of ad fraud produces a sort of digital footprint that might look similar to a a few hundred accounts working together to push a political narrative or sow discontent.  And one can turn into the other quite easily. There are patterns of logins, likes, visits, account creation, and so on that Facebook has been working hard to identify — recently, at least. Although they’ve designed their net to catch the nation-state actors and large-scale operations that have previously been uncovered, small fry like these spammers are getting tangled up as well. Not a bad thing. “Given the activity we’ve seen — and its timing ahead of the US midterm elections — we wanted to give some details about the types of behavior that led to this action,” the company wrote on its blog. No doubt they also want to give the impression that there is indeed a cop on the beat. Expect more announcements like this through the midterms as Facebook strives to make it clear that it is working round the clock to keep you, its valuable product users, safe .

Read More »

Duo Security researchers’ Twitter ‘bot or not’ study unearths crypto botnet

A team of researchers at Duo Security has unearthed a sophisticated botnet operating on Twitter — and being used to spread a cryptocurrency scam. The botnet was discovered during the course of a wider research project to create and publish a methodology for identifying Twitter account automation — to help support further research into bots and how they operate. The team used Twitter’s API and some standard data enrichment techniques to create a large data set of 88 million public Twitter accounts, comprising more than half a billion tweets. (Although they say they focused on the last 200 tweets per account for the study.) They then used classic machine learning methods to train a bot classifier, and later applied other tried and tested data science techniques to map and analyze the structure of botnets they’d uncovered. They’re open sourcing their documentation and data collection system in the hopes that other researchers will pick up the baton and run with it — such as, say, to do a follow up study focused on trying to ID good vs bad automation. Their focus for their own classifier was on pure-play bots, rather than hybrid accounts which intentionally blend automation with some human interactions to make bots even harder to spot. They also not look at sentiment for this study — but were rather fixed on addressing the core question of whether a Twitter account is automated or not. They say it’s likely a few ‘cyborg’ hybrids crept into their data-set, such as customer service Twitter accounts which operate with a mix of automation and staff attention. But, again, they weren’t concerned specifically with attempting to identify the (even more slippery) bot-human-agent hybrids — such as those, for example, involved in state-backed efforts to fence political disinformation. The study led them into some interesting analysis of botnet architectures — and their paper includes a case study on the cryptocurrency scam botnet they unearthed (which they say was comprised of at least 15,000 bots “but likely much more”), and which attempts to syphon money from unsuspecting users via malicious “giveaway” links… ‘Attempts’ being the correct tense because, despite reporting the findings of their research to Twitter, they say this crypto scam botnet is still functioning on its platform — by imitating otherwise legitimate Twitter accounts, including news organizations (such as the below example), and on a much smaller scale, hijacking verified accounts… They even found Twitter recommending users follow other spam bots in the botnet under the “Who to follow” section in the sidebar. Ouch. A Twitter spokeswoman would not answer our specific questions about its own experience and understanding of bots and botnets on its platform, so it’s not clear why it hasn’t been able to totally vanquish this crypto botnet yet. Although in a statement responding to the research, the company suggests this sort of spammy automation may be automatically detected and hidden by its anti-spam countermeasures (which would not be reflected in the data the Duo researchers had access to via the Twitter API).

Read More »

Twitter acquires anti-abuse technology provider Smyte

Twitter this morning announced it has agreed to buy San Francisco-based technology company Smyte,  which describes itself as “trust and safety as a service.” Founded in 2014 by former Google and Instagram engineers, Smyte offers tools to stop online abuse, harassment, and spam, and protect user accounts. Terms of the deal were not disclosed, but this is Twitter’s first acquisition since buying consumer mobile startup Yes, Inc. back in December 2016 Online harassment has been of particular concern to Twitter in recent months, as the level of online discourse across the web has become increasingly hate-filled and abusive. The company has attempted to combat this problem with new policies focused on the reduction of hate speech, violent threats, and harassment on its platform, but it’s fair to say that problem is nowhere near solved. As anyone who uses Twitter will tell you, the site continues to be filled with trolls, abusers, bots, and scams – and especially crypto scams, as of late. This is where Smyte’s technology – and its team – could help. The company was founded by engineers with backgrounds in spam, fraud and security. Smyte CEO Pete Hunt previously led Instagram’s web team, built Instagram’s business analytics products, and helped to open source Facebook’s React.js; co-founder Julian Tempelsman worked on Gmail’s spam and abuse team, and before that Google Wallet’s anti-fraud team and the Google Drive anti-abuse team; and co-founder Josh Yudaken was a member of Instagram’s core infrastructure team. The startup launched out of Y Combinator in 2015 , with a focus on preventing online fraud. Today, its solutions are capable of stopping all sorts of unwanted online behavior, including phishing, spam, fake accounts, cyberbullying, hate speech and trolling, the company’s website claims. Smyte offer customers access to its technology via a REST API, or it can pull data directly from its customer’s app or data warehouse to analyze. Smyte would then import the existing rules, and use machine learning to create new rules and other machine learning models suited to the business’s specific needs. The customers data scientists could also use Smyte to deploy (but not train) their own custom machine learning models, too. Smyte’s system includes a dashboard where analysts can surface emerging trends in real-time, as well as conduct manual reviews of individual entities or clusters of related entities and take bulk actions.

Read More »

Facebook uses AI to detect fake ads

Facebook has been making efforts to be more transparent about its efforts to moderate posts and combat the spread of fake news and other spam, especially after the social network's effects on the recent election in the US. Today, the organization dis...

Read More »

Facebook busts up international spam operation

While Facebook has spent significant time fighting fake news on its network, it continues to battle another plague to its social platform: Fake accounts. These are often used to spread low-quality content, so the internet titan has been ramping up it...

Read More »