Terry Zink's Cyber Security Blog

Discussing Internet security in (mostly) plain English

Is Twitter spam possible?

Is Twitter spam possible?

  • Comments 2

With the explosion in popularity of Twitter (of which I am not a twitterer or even a subscriber), I've wondered to myself whether there is such a thing as twitter spam.

Now, spam in the email sense is when spammers flood your inbox with unwanted email.  But with Twitter, if you're subscribing to someone's feed, then how can you be spammed?  You could just stop subscribing them if they were really getting annoying but really, you're opting in and you know who's sending you "mail."  It's kind of like getting RSS spam... which is counterintuitive.

I did a quick Bing search and found out that there is such a thing as Twitter spam known as "Follow spam".  From Twitter's blog:

What is "Follow Spam?"

Follow spam is the act of following mass numbers of people, not because you're actually interested in their tweets, but simply to gain attention, get views of your profile (and possibly clicks on URLs therein), or (ideally) to get followed back. Many people who are seeking to get attention in this way have even created programs to do the following on their behalf, which enable them to follow thousands of people at the blink of any eye.

As you can imagine, this is a problem. In extreme cases, these automated accounts have followed so many people they've threatened the performance of the entire system. In less-extreme cases, they simply annoy thousands of legitimate users who get an email about this new follower only to find out their interest may not be entirely...sincere. On rare occasions we may see a person who is mass following and actually cares about every tweet—there is an opportunity for us to learn more about this use case and work to provide a better experience.

I don't fully understand why someone would choose to engage in Twitter spam but the idea seems to be that if you follow a lot of people's Tweets, the followees will click on your profile.  If you were a spammer, you could a link to your product in your profile in hopes of getting the Tweeter to follow it and get to your site.  It's a way of avoiding a spam filter since the spammer is already in the network and presumably, there is a level of trust.  After all, if your a Tweeter, it's kind of flattering to have a lot of people follow your tweets.

But for the Tweeter, having a lot of spammers follow you becomes really annoying.  You want real people to follow you, not spammers hyping up your statistics.  You can't go through your followers profiles because all you're doing is sifting through a lot of chaff.  Twitter also cannot build accurate statistics on user profiles in order to one day monetize their size.

Ultimately, the problem of Twitter abuse will come back to the same problem faced by the webmail providers - spammers are breaking CAPTCHAs and using them to send out spam.  The spammers are doing the same thing here an irritating everyone with their abusive behavior.  I suspect that there will be a similar convergence in anti-CAPTCHA-breakage techniques that there was for spam including IP reputation and behavioral analysis (content filtering).

Leave a Comment
  • Please add 5 and 6 and type the answer here:
  • Post
  • I have to agree that with the massive rise of popularity with twitter, the spam has also increased. I've had my twitter account for a few years, but within the last year or so I've been getting so follows from people just trying to spam a product that I put my account on private.

  • I just signed up for Twitter this week.  And guess what?  My first follower is a spammer.  Are you kidding me?

    To quote Peter Griffin, un-freaking-believable.

Page 1 of 1 (2 items)