Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Spam and phishing attacks delivered over social networks are a growing problem, says Don DeBolt, director of threat research for IT software firm CA Technologies. For example, a phishing scam operating over Twitter recently stole the iTunes accounts of some users. “People immediately trust these applications because it is how they communicate with friends,” DeBolt explains. “Because people are sending much less text than an e-mail, and URL shorteners are often used, it is harder for people to realize a message may not be real.”

DeBolt’s team maintains honeypot profiles of its own, and monitors them manually to look for new spammer tactics. “We have to take great care, though, in curating them as research profiles that don’t impersonate a real person,” he says.

The fact that social network honeypots must be part of a community is a fundamental difference from the conventional approach, says Azer Bestavros, a networking specialist at Boston University who has, in the past, worked on analyzing blog spam. A honeypot computer on a network is typically allocated to “dark” address space so that they would never legitimately be contacted by another machine.

“Other users could consider our honeypot a real person,” Lee acknowledges. “But we do not have friends or contact other people, and on Twitter our profiles posted random messages so a normal user would not think to contact us.”

Some messages and friend requests sent to a social honeypot may be from legitimate users, so information collected from them needs to be treated carefully, says Bestavros. Lee and colleagues are experimenting with varying the output and demographic characteristics of their honeypots to find out what most attracts spammers–for example, varying the dummy user’s age and location, or the frequency of their updates. “Most of the spammers present themselves as college-age females,” says Lee. Data from MySpace honeypots shows that most claim to be located in California, and so far it seems that college-age males are the preferred target.

Lee and colleagues are also interested in trying the approach on the world’s largest social network: Facebook. “It is a more private network, but if we were able to get permission from them it would be interesting to try it there,” he says.

1 comment. Share your thoughts »

Tagged: Computing, Web, security, Twitter, social networks, social networking, spam, phishing, computer science

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me