Twitter is a nice place, that differs from any other social network. What people says there have a more impact on the trust than most of other places (like Facebook). People take serious what other says and even more if the number of followers of that account is a pretty big number.
Any Twitter user is tempted to follow people who have lot of followers. There is a little more of trust on big followers accounts than those who have a few. This concept happens here, on other networks, and even in real life. Of course it’s different among people, but the average Twitter user behave this way.
When you start using it, you tend to see how many people is following you, so you might convince yourself to keep using it. This is why I started to watch the profiles of almost every new follower and at some point it gave me a surprise. One of my followers was a user whose profile have tons of Twits like this:
I like this song <youtube-link>
Not only a couple but hundreds of them! That was the first time I saw a boot on Twitter. I reported the user as Spam, blocked it and moved on. This experience has repeated in something like once a month. It was OK, nothing new, just keep blocking and moving on.
But then I saw a different one. The latest Twit of this account was like a giant “I’m Spaming” poster but the rest were like a lot of human phrases that were cleverly repeated. Before doing the normal report, I saw a disturbing Twit. It was a phishing attack.
That phishing account give me a lot of anger. Because it was going (and certainly had been) read by real people which could be fooled by a damn bot! It was the straw that broke the camel.
A normal report and blocked account wasn’t going to help anybody. The account may get closed but others would appear instead and keep fooling people. So this is where my research begun.
I started to search for patrons. Why this accounts was opened and what was the work-flow used here? It was pretty clear about the phishing account but not the only-spam accounts.
Found more Spam accounts were not so difficult. The number of Retweets were too much for the poor content that the Twits were giving. A click on “RETWEETS” was enough to found a horde of Spam accounts. There were two kinds of accounts:
- Worms, the one with content (Twits with phrases and Spam links) and
- Birds, the one who only follow the prior one and do never Twit nor Retweet
I decided to call one type “Worms” and other “Birds” just to make easy on the next paragraphs to mention them, so continuing.
Worms are used to Twit phrases and Retweet Twits that contains the link to the final Spam site.
Another characteristic is that all of them have an avatar (I’ll talk about it later) and some of them a bio (information that user enter to describe them).
This personalized accounts is also used to follow real people accounts. Some of this real people accounts are from stupid people who actually pay to gain followers.
Most of Worms have an underscore ‘_’ randomly generated as their Twitter ID and a real name selected from a word dictionary as the actual name. e.g. Elisha @_sharply_ or Jennie @L3_lucky_
Birds, in the other hand, are used just to gain credibility to the Worms accounts, so when a real user see those tweets are more confident to click on them.
This accounts have only two necessary properties for every Twitter account to exist, the default avatar that any new Twitter account have (fingerprint with a random color) and a fake name randomly generated.
I’ll leave the Birds behind and talk only about Worms next.
No, not the movie, the default picture of a Twitter account.
Every Twitter profile has a picture so everyone can differentiate from others and be recognized. Spam accounts are not the exception and use real people pictures. That is sad but it happens 100% of cases on Twitter. Photos who are proved to be “nice”, like beautiful girls that some dude will just “click on it”, are the most used (yeah, ugh!).
I made a kinda extensive search using the “Search by image” Google tool. Searching the avatars from the Spam accounts, I got useful results. It showed the avatars were commonly repeated among Spam accounts on Twitter. But it also bring useful information about the source of the picture. Most of this pictures were coming from the following sites:
NOTE: it is in reverse alphabetical order to annoy a bit :D
I’m not mentioning (not even implicitly) that this sites are only nice Spam tools nor qualifying their Spam and privacy policies. But they definitely are nice Spam tools.
Why are the previously mentioned sites nice Spam tools? Well, they give an interesting attribute to pictures, something which can be used to qualify them. In fact, they have “scores”. When more people like the picture, the more scores it has. Scores are called different among the sites. For instance, weheartit call them “hearts”, tumlr “likes” and pinterest “pins”.
It’s very important to note that the three sites provide useful search tools. A quick search for “beauty girls” in any of this sites will bring several pictures of girls that most of the people may consider beauty. Without mentioning the set of filters that you may apply (popularity, categories and more).
That is why they are indeed nice Spam tools. The above sites enable a machine to get the “best pictures“ (the one with more favorites, likes or whatever name do they use).
Spam accounts have alerting similar numbers:
- Between 100 and 300 Twits and
- A ratio of 4 to 5 followers approx. per account following. e.g. 6000 following; 7500 followers
It is easy to see note them when you see the number of followers that they have in a short period of time:
As you can see on the previous image, no human can start following 150 persons in a day.
Here is an example for how ridiculously can an account increase it numbers in a matter of seconds wasting money on Facebook:
This is the website given on a link from a Twitter Spam account:
The following picture shows a Spam account being used to promote site content:
Do you want to know the actual Twitter account? There you go: https://twitter.com/_sharply_
Here is another Spam account and its Avatar source links:
You can check the Avatar in the Twitter account is exactly the same picture found in the others site. Horrible.
I feel deeply sad about the real persons behind the pictures, who are actually the most affected. You can help them, and please do so, by reporting the fake Twitter accounts. Maybe you can also help by reporting violation of content on the image hosting sites but I’m not sure about that.
From the beginning of my research, a bunch of Twitter Spam accounts has been closed.
Here is a list: (by the time I am writing this they are disabled)
And for that, I want to thank Twitter users who press a Report button that have extraordinary consequences and Twitter personal who take quick actions! We have hope to make Internet a better place :-)
Please, think twice before publishing photos of yourself with a public online scope! If so, you should be aware that there is awful people who could use it for advertising of all types.
A way to prevent this is limiting the audience to only your very known contacts. If the site that you’re using do not allow this, you may consider stop using it.
For Twitter users:
DO NOT PAY FOR FOLLOWERS! If you do so, you are not only damaging your reputation but also ruining the whole ecosystem. If you think that a number in the “FOLLOWERS” box is the key, you’re doing it wrong. Interactions with real people is the key and there is no way you can buy them. At least at the moment no bot can interact with humans like humans do.
For Web developers:
Please, do not be the next weheartit or pinterest. Provide useful and easy-to-use tools to users protecting their privacy and reducing bots efficiency. If users are your company value, at least pretend that you care about them!
I’m a Twitter user and I will keep using it by the time. Someone could ask to me “Why the heck didn’t you explicitly mentioned paid followers?” and my answer is that, in order to do it, I would need my finger to point specific users and I will be hated. Maybe I will do at some point if I stop using the service, find a good reason or you find me angry again :)