Spammers are social, too

If you have a social networking account, you are aware that spam has moved to that medium. Each social network is scrambling to deploy technologies and policies to prevent spam from becoming as endemic on their platforms as it is in the e-mail space. All of the networks are being hit by a similar technique known as “friend request” spam. Two social networks in particular, Facebook and Twitter, are quickly becoming a study in contrasts in how to handle the problem.

Before we can describe how they are behaving differently, we need to define the problem. In the e-mail world, spam is simply a message that appears in the inbox without having been requested. The content of the message contains all that is needed for the spammer to sell their product or push malware. In the social networking world, spammers will set up profiles that contain links that point to “spammy” websites, and then send out a large number of friend requests. Recipients who look at the profile behind the friend request have effectively been spammed. A small portion of these individuals will keep the spammers in business by buying whatever the spammer is selling.

Friend request spam is being controlled using many of the same techniques that are being used to combat e-mail spam. One class of technologies centers around actions that can be taken strictly based upon the behavior of the network connection. For example, large blocks of IP addresses, effectively the identity of the mail servers, are blacklisted for their misbehavior, with the remaining IPs being subject to strict throttling rules that are a function of the server’s recent behavior. For the social networking space, this translates to denying individuals access to the system entirely or throttling, but not banning, accounts based upon their identity.

This is where the contrast comes to light for our two social networks. Facebook has taken the approach of automatically deleting accounts of suspected spammers, which they define as having a certain friend-request pattern. Twitter has decided to cap the number of following requests issued by a user, but not delete the account. Facebook took the more aggressive approach of deleting users that trip their spam detection algorithms, translating into irate new users who end up wondering what happened to their accounts.
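The two responses described above, throttling by recent behavior versus deleting on a detected pattern, can be compared by replaying the same traffic under each. This is an added sketch, not either network's actual algorithm; the window, the limit, the account names and the sample events are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque

WINDOW = 3600  # seconds of history considered (assumed value)
LIMIT = 20     # requests allowed per window (assumed value)

def apply_policy(events, policy, window=WINDOW, limit=LIMIT):
    """Replay time-ordered (timestamp, account) requests under one policy.

    policy "cap":    drop requests over the limit, keep the account.
    policy "delete": remove the account the first time it exceeds the limit.
    Returns (delivered counts per account, set of deleted accounts).
    """
    recent = defaultdict(deque)   # account -> timestamps of accepted requests
    delivered = defaultdict(int)
    deleted = set()
    for ts, acct in events:
        if acct in deleted:
            continue
        q = recent[acct]
        while q and ts - q[0] >= window:   # expire requests outside the window
            q.popleft()
        if len(q) >= limit:
            if policy == "delete":
                deleted.add(acct)
            continue                       # over-limit request is not delivered
        q.append(ts)
        delivered[acct] += 1
    return dict(delivered), deleted

def sample_events():
    """Constructed traffic: a spammer, a bursty legitimate newcomer, a regular user."""
    ev = [(i * 5, "spammer") for i in range(200)]
    ev += [(i * 20, "new_user") for i in range(30)]           # imports contacts on day one
    ev += [(86400 + i * 60, "new_user") for i in range(5)]    # normal use the next day
    ev += [(i * 3600, "regular") for i in range(5)]
    return sorted(ev)

if __name__ == "__main__":
    for policy in ("cap", "delete"):
        delivered, deleted = apply_policy(sample_events(), policy)
        print(policy, delivered, "deleted:", sorted(deleted))
```

Both policies hold the spammer to the same 20 delivered requests, but only the delete policy also removes the newcomer who added contacts in a burst, which is the false positive the article describes.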

In many ways, there is no right or wrong to anti-spam beyond what makes end users the most satisfied with their service. Some classes of users will tolerate a little spam in their inbox in exchange for an incredibly small rate of legitimate mail being incorrectly classified as spam, known as false positives. Other users are willing to tolerate a higher rate of false positives as long as their inbox is always clean. Which approach is fundamentally right or wrong is immaterial. Far more important is what will be tolerated by the community. As spam expands into this relatively new domain, all of the players in the field will have to monitor how their reaction to spam is viewed by their most important commodity, namely users and eyeballs.

[Source: zdnet]