Publication Details
Title: Trafficking Fraudulent Accounts: The Role of the Underground Market in Twitter Spam and Abuse
Author: K. Thomas, D. McCoy, C. Grier, A. Kolcz, and V. Paxson
Bibliographic Information: Proceedings of the 22nd USENIX Security Symposium, Washington, D.C.
Date: August 2013
Research Area: Networking and Security
Type: Article in conference proceedings
PDF: https://www.icsi.berkeley.edu/pubs/networking/traffickingfraudulent13.pdf
Overview:
As web services such as Twitter, Facebook, Google, and Yahoo now dominate the daily activities of Internet users, cyber criminals have adapted their monetization strategies to engage users within these walled gardens. To facilitate access to these sites, an underground market has emerged where fraudulent accounts – automatically generated credentials used to perpetrate scams, phishing, and malware – are sold in bulk by the thousands. In order to understand this shadowy economy, we investigate the market for fraudulent Twitter accounts to monitor prices, availability, and fraud perpetrated by 27 merchants over the course of a 10-month period. We use our insights to develop a classifier to retroactively detect several million fraudulent accounts sold via this marketplace, 95% of which we disable with Twitter’s help. During active months, the 27 merchants we monitor appeared responsible for registering 10–20% of all accounts later flagged for spam by Twitter, generating $127–459K for their efforts.
Acknowledgements:
This work was partially supported by funding provided through National Science Foundation grants CNS : 1237265 and CNS : 1237076 (“Beyond Technical Security: Developing an Empirical Basis for Socio-Economic Perspectives”). Additional funding was provided by the Office of Naval Research under MURI grant N000140911081 and by a gift from Microsoft Research Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors or originators and do not necessarily reflect the views of the sponsors.
Bibliographic Reference:
K. Thomas, D. McCoy, C. Grier, A. Kolcz, and V. Paxson. Trafficking Fraudulent Accounts: The Role of the Underground Market in Twitter Spam and Abuse. Proceedings of the 22nd USENIX Security Symposium, Washington, D.C., August 2013
Author: K. Thomas, D. McCoy, C. Grier, A. Kolcz, and V. Paxson
Bibliographic Information: Proceedings of the 22nd USENIX Security Symposium, Washington, D.C.
Date: August 2013
Research Area: Networking and Security
Type: Article in conference proceedings
PDF: https://www.icsi.berkeley.edu/pubs/networking/traffickingfraudulent13.pdf
Overview:
As web services such as Twitter, Facebook, Google, and Yahoo now dominate the daily activities of Internet users, cyber criminals have adapted their monetization strategies to engage users within these walled gardens. To facilitate access to these sites, an underground market has emerged where fraudulent accounts – automatically generated credentials used to perpetrate scams, phishing, and malware – are sold in bulk by the thousands. In order to understand this shadowy economy, we investigate the market for fraudulent Twitter accounts to monitor prices, availability, and fraud perpetrated by 27 merchants over the course of a 10-month period. We use our insights to develop a classifier to retroactively detect several million fraudulent accounts sold via this marketplace, 95% of which we disable with Twitter’s help. During active months, the 27 merchants we monitor appeared responsible for registering 10–20% of all accounts later flagged for spam by Twitter, generating $127–459K for their efforts.
Acknowledgements:
This work was partially supported by funding provided through National Science Foundation grants CNS : 1237265 and CNS : 1237076 (“Beyond Technical Security: Developing an Empirical Basis for Socio-Economic Perspectives”). Additional funding was provided by the Office of Naval Research under MURI grant N000140911081 and by a gift from Microsoft Research Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors or originators and do not necessarily reflect the views of the sponsors.
Bibliographic Reference:
K. Thomas, D. McCoy, C. Grier, A. Kolcz, and V. Paxson. Trafficking Fraudulent Accounts: The Role of the Underground Market in Twitter Spam and Abuse. Proceedings of the 22nd USENIX Security Symposium, Washington, D.C., August 2013