,

140 Characters of Crap: The Sophisticated Rise of Social Engineering on Twitter

Anybody that uses Twitter on a regular basis know that there are a lot of junk posts and meaningless content. There have even been studies done recently that categorized the type of posts and found that the majority wasn’t very “news worthy” to say the least. Yet there were some meaningful tweets, I have found quite a few. When you are dealing with the shear volume of data being created, even a small percentage is a treasure chest of information. While I have found some meaningful people to follow and value their research, thoughts, and insights, this article as not about them: it’s about the Twitter-trash spammers.

By default, social networks are, well, social. That leaves them open to a variety of Social Engineering exploits that are imaginative or downright stupid. For example, I receive a notice that, “Juliet2i9j is now following you on Twitter!” Part of the Twitter ‘culture’ is to ‘follow back’ anyone that follows you. I screen my followers so I checked out ‘Juliet2i9j’ to see if there was any funny-business going on. The Twitter handle set off a few flags, but Juliet is a fairly common name so I check it out: one post, eleven hours ago, “A little over cute guys hit me up now lol .. hit me up at http://wow[rest of URL removed for safety]”

I know I should be jumping at the opportunity to follow Juliet2i9j and click on that link provided. After all, she is just out for friendship after some bad dealings with ‘cute’ guys, right? Wrong. This is a computer virus waiting to happen or perhaps a visit to a site with inappropriate content that I don’t want on my screen, especially at work. And that is part of the problem with link shortening services like tinyurl or bit.ly that are so popular: you really have no idea where it’s taking you! To borrow from Forest Gump, it’s the bit.ly box of chocolates, some are filled with poison, and you never know what you’re going to get!

I got the ‘easy button’ with the block on Juliet2i9j, but what else might be a dead give-away with the spammers? One attack is simply to get a name that looks or sounds close to a legitimate name, brand/product and use it. This is not new, people have been doing this with URLs for a while, so why not with a Twitter Handle? User ‘Appple Computers’ is a prime example of how to use a brand name to dupe unsuspecting people into following you. Given that they currently have 5337 followers, some of which are fellow spammers, I would say that the tactic works.

So what happens when a person like ‘Scott Perry,’ which sounds normal with a twitter user handle ‘passportsfast’ begins to follow you? Simple: you check him or her out. Their handle is your first clue that something is amiss, but not to be too quick to judge, let’s be fair and give them the benefit of the doubt. Their Twitter stream appears to have legitimate news on problems associated with travel and passport laws, etc. However, hidden sparsely throughout the data are bit.ly links to buying WD hard drives and, no surprise, getting passports fast. I have not found a good example, yet, of a normal sounding name, Twitter handle, and profile photo of a certified dirty rat spammer, but I’m sure they exist, or will in the future.

It’s a dangerous world out there, and there are probably many more examples of Social Engineering on Twitter. Protecting your tweets is a more extreme way of screening your followers and keeping some control over your updates, but it’s not for everyone. Besides keeping up your firewall and antivirus/anti-spyware subscriptions, the average Twitter user can simply protect themselves from most of them with these three simple rules:

  • Never ‘follow-back’ without checking them out first – this will get rid of 90% or more from a single glance so you can ‘block’ the bad ones from following you
  • Always read the user name and twitter handle carefully and read through their tweets to see if they sound too much like junk email and block them too
  • Use extreme caution when following links – perhaps use a “preview” plug-in to view the URL first before going to the site
  • Find me on Twitter @brockwebb. Send me a note if you want to be friends with Juliet2i9j too… is it normal to keep getting pop-ups asking me to buy stuff?

Leave a Comment

5 Comments

Leave a Reply

Profile Photo Shelly MIller

good to know stuff…I get all kinds of “juliet”’ follow requests too, as well as people who are just out to sell something. I even stopped following my boss the Governator because he attracts so much spam.

Reply
Profile Photo Charlene Sevier

Brock, Excellent post. It gives us all a lot to think about in using Twitter. In doing some research for Web 2.0 for my department, I have come across Twitter usernames that at first led me to believe I was at the Twitter page for a particular state or local government. Upon closer examination, I realized I was not. Citizens can be taken in by these types of practices as well.

Reply