My ‘Favorite’ Twitter Spammers
Posted June 11th, 2013 at 5:13 am by admin5 Comments
Anyone who is an active Twitter user has probably experienced the new frontier of Twitter spam: mysterious users suddenly ‘favoriting’ your old tweets. Sometimes, you see this behavior three weeks or more after you sent the original tweet.
You know it must be spam of some kind. And usually, a quick examination of the sender reveals a link in their bio that they want you to click. Or, sometimes they rely on users who will follow an account that favorites a tweet, hoping to send a dangerous URL by direct message later on.
First of all, why use the ‘Favorite’ action for spam? Because it’s a click-generating tactic for black hats that has few downsides. From a self-described “black hat” site:
We are making a bot right now that will allow you to load in accounts, set delay, rotate accounts after every said amount with proxy support etc…
The beautiful thing about this….after some testing I have done with just 2000 favorites (took 2 days on 1 account) the accounts get about 10 followers per thousand with tons of hits from your profile url…..and it doesn’t look spammy (having 2,000 followers and 25 following back like TA) and the account is still live.
Nobody knows how many times you have favorited something.
This is going to be sweet.
Unlike the older methods of “mention spam,” favoriting a tweet leaves no evidence in the spammer’s timeline for users to spot, and unless they overrun the limits that Twitter imposes (a very generous 1,000 favorites per account per day), they can stay under the radar long enough to achieve their goals: hits on links and follows from unsuspecting users. With even a few dozen accounts (too few probably to cause Twitter to notice), they can touch tens of thousands of Twitter users each day.
But there is something else to notice about the quote above: the “black hat” attitude. Though misguided marketers once used some of the bulk communications methods we now call “spam,” they have for the most part moved on to better ideas, leaving only the “black hats” to the field. This approach to bulk outreach is a Mark of Cain that not only impacts how “black hats” think, but also carries through to the techniques they use. And it leaves evidence.
Evidence like the gap between the time of the tweet and the time of the favorite. Normal users don’t favorite things they didn’t see live, or at least within a few days of original delivery. To favorite something that was sent weeks ago, you have to be running an automated keyword search (probably using a browser automation tool like iMacros, commonly misused for this among black hats). Because a normal user doesn’t have the patience to scroll backwards through weeks and weeks of old tweets looking for things to favorite. Only a machine can be given that job. That’s a dead giveaway.
Evidence like favoriting things from accounts that have no natural conversational history in them. Because building a natural looking conversation history would be time consuming and expensive, two things that are anathema to black hats looking for a quick score.
And that’s only for starters. The “black hat” attitude gives us many, many ways to differentiate the fakers from the real users, and all without examining the content of the messages.
At Meshfire, we study spammer behaviors so that we can help you focus on the most valuable, real people on Twitter and spend as little time as possible hassling with the fake accounts that sap your energy and reduce your influence.
- Meet Berrak Sarikaya, Meshfire’s New Community Manager
- eSports and Social Media: How To Stay Ahead Of The Game Using Meshfire
- Meshfire is having a party at PAX PRIME and you are INVITED!
- And the winner of our second New Nintendo 3DS XL Giveaway is…
- Here’s another chance: Win a Nintendo 3DS XL and get Meshfire FREE
- The Story of Ember: Why I Cloned Myself To Make Social Media Make Sense on
- How Cats Can Make Your Business Succeed In Social Media. on
- Social Media and Databases: Three Reasons Why Meshfire Chose MongoDB on
- My ‘Favorite’ Twitter Spammers on
- How I used Meshfire to help raise $1.32 million in 30 days on
- October 2015
- September 2015
- August 2015
- May 2015
- April 2015
- March 2015
- January 2015
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- January 2014
- December 2013
- November 2013
- August 2013
- July 2013
- June 2013
- May 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- September 2012