Angel or Demon? Characterizing Variations Across Twitter Timeline of Technical Support Campaigners
Technical Support spam, which abuse Web 2.0 and carry out social engineering attacks have been in existence for a very long time, despite several measures taken to thwart such attacks. Although recent research has looked into unveiling tactics employed by spammers to lure victims, damage done on Online Social Networks is largely unexplored. In this paper, we perform the first large-scale study to understand the behavior of technical support spammers, and compare them with the legitimate technical support offered to OSN users by several brands such as Microsoft, Facebook, Amazon.
We analyze the spam and legitimate accounts over a period of 20 months, and provide a taxonomy of the different types of spammers that are active in Tech Support spam landscape. We develop an automated mechanism to classify spammers from legitimate accounts, achieving a precision, recall of 99.8%.
Our results shed light on the threats associated with billions of users using OSNs from Tech Support spam, and can help researchers and OSN service providers in developing effective countermeasures to fight them.
H. Almeida, D. Guedes, W. Meira, and M. J. Zaki, â€œIs there a best quality
metric for graph clusters?â€ in Joint European Conference on Machine
Learning and Knowledge Discovery in Databases. Springer, 2011.
A. A. Amleshwaram, N. Reddy, S. Yadav, G. Gu, and C. Yang, â€œCats:
Characterizing automation of twitter spammers,â€ in Communication
Systems and Networks (COMSNETS), 2013 Fifth International Conference
on. IEEE, 2013.
M. Balduzzi, P. Gupta, L. Gu, D. Gao, and M. Ahamad, â€œMobipot: Understanding
mobile telephony threats with honeycards,â€ in Proceedings
of the 11th ACM SIGSAC Symposium on Information, Computer and
Communications Security, ser. ASIA CCS â€™16. New York, NY, USA:
F. Benevenuto, G. Magno, T. Rodrigues, and V. Almeida, â€œDetecting
spammers on twitter,â€ in Collaboration, electronic messaging, anti-abuse
and spam conference (CEAS), vol. 6, 2010, p. 12.
F. Benevenuto, T. Rodrigues, V. Almeida, J. Almeida, and M. GonÃ§alves,
â€œDetecting spammers and content promoters in online video social networks,â€
in Proceedings of the 32nd international ACM SIGIR conference
on Research and development in information retrieval. ACM, 2009.
J. M. Carrascosa, R. GonzÃ¡lez, R. Cuevas, and A. Azcorra, â€œAre trending
topics useful for marketing,â€ Proc. COSN, 2013.
N. Christin, S. S. Yanagihara, and K. Kamataki, â€œDissecting one click
frauds,â€ in Proceedings of the 17th ACM conference on Computer and
communications security. ACM, 2010, pp. 15â€“26.
Z. Chu, I. Widjaja, and H. Wang, â€œDetecting social spam campaigns
on twitter,â€ in International Conference on Applied Cryptography and
Network Security. Springer, 2012, pp. 455â€“472.
A. Costin, J. Isacenkova, M. Balduzzi, A. Francillon, and D. Balzarotti,
â€œThe role of phone numbers in understanding cyber-crime schemes,â€
in Privacy, Security and Trust (PST), 2013 Eleventh Annual International
Conference on. IEEE, 2013, pp. 213â€“220.
M. Faloutsos, â€œDetecting malware with graph-based methods: traffic
classification, botnets, and facebook scams,â€ in Proceedings of the 22nd
International Conference on World Wide Web. ACM, 2013, pp. 495â€“496.
H. Gao, J. Hu, C. Wilson, Z. Li, Y. Chen, and B. Y. Zhao, â€œDetecting
and characterizing social spam campaigns,â€ in Proceedings of the 10th
ACM SIGCOMM conference on Internet measurement. ACM, 2010, pp.
S. Ghosh, B. Viswanath, F. Kooti, N. K. Sharma, G. Korlam, F. Benevenuto,
N. Ganguly, and K. P. Gummadi, â€œUnderstanding and combating
link farming in the twitter social network,â€ in Proceedings of
the 21st international conference on World Wide Web. ACM, 2012, pp.
C. Grier, K. Thomas, V. Paxson, and M. Zhang, â€œ@ spam: the underground
on 140 characters or less,â€ in Proceedings of the 17th ACM
conference on Computer and communications security. ACM, 2010, pp.
P. Gupta, M. Ahamad, J. Curtis, V. Balasubramaniyan, and A. Bobotek,
â€œM3AAWG Telephony Honeypots: Benefits and Deployment Options,â€
Tech. Rep., 2014.
P. Gupta, R. Perdisci, and M. Ahamad, â€œTowards measuring the role of
phone numbers in twitter-advertised spam,â€ in Proceedings of the 13th
ACM on Asia Conference on Computer and Communications Security,
ser. ASIA CCS â€™18. New York, NY, USA: ACM, 2018. [Online].
P. Gupta, B. Srinivasan, V. Balasubramaniyan, and M. Ahamad,
â€œPhoneypot: Data-driven understanding of telephony threats.â€ in NDSS,
S. Gupta, P. Gupta, M. Ahamad, and P. Kumaraguru, â€œExploiting phone
numbers and cross-application features in targeted mobile attacks,â€ in
Proceedings of the 6th Workshop on Security and Privacy in Smartphones
and Mobile Devices. ACM, 2016, pp. 73â€“82.
J. Isacenkova, O. Thonnard, A. Costin, A. Francillon, and D. Balzarotti,
â€œInside the scam jungle: A closer look at 419 scam email operations,â€
EURASIP Journal on Information Security, vol. 2014, 2014.
P. Kumaraguru, L. F. Cranor, and L. Mather, â€œAnti-phishing
landing page: Turning a 404 into a teachable moment
for end users,â€ Conference on Email and Anti-Spam, 2009.
[Online]. Available: http://precog.iiitd.edu.in/Publications_files/
K. Lee, J. Caverlee, and S. Webb, â€œUncovering social spammers: social
honeypots+ machine learning,â€ in Proceedings of the 33rd international
ACM SIGIR conference on Research and development in information
retrieval. ACM, 2010, pp. 435â€“442.
K. Lee, B. D. Eoff, and J. Caverlee, â€œSeven months with the devils: A
long-term study of content polluters on twitter.â€ in ICWSM, 2011.
C. Lumezanu and N. Feamster, â€œObserving common spam in twitter
and email,â€ in Proceedings of the 2012 ACM conference on Internet
measurement conference. ACM, 2012, pp. 461â€“466.
E. G. MartÃn, N. Lavesson, and M. Doroud, â€œHashtags and followers,â€
Social Network Analysis and Mining, vol. 6, no. 1, pp. 1â€“15, 2016.
A. Marzuoli, H. A. Kingravi, D. Dewey, and R. Pienta, â€œUncovering
the landscape of fraud and spam in the telephony channel,â€ in Machine
Learning and Applications (ICMLA), 2016 15th IEEE International
Conference on. IEEE, 2016, pp. 853â€“858.
N. Miramirkhani, O. Starov, and N. Nikiforakis, â€œDial one for scam: A
large-scale analysis of technical support scams,â€ in Proceedings of the
th Network and Distributed System Security Symposium (NDSS), 2017.
F. B. of Investigation, â€œTech support scam - federal bureau of investigation,â€
https://www.ic3.gov/media/2016/160602.aspx, June 2016.
M. Osborne and M. Dredze, â€œFacebook, twitter and google plus for
breaking news: Is there a winner?â€ in ICWSM, 2014.
R. Ottoni, D. B. Las Casas, J. P. Pesce, W. Meira Jr, C. Wilson, A. Mislove,
and V. A. Almeida, â€œOf pins and tweets: Investigating how users behave
across image-and text-based social networks.â€ in ICWSM, 2014.
M. S. Rahman, T.-K. Huang, H. V. Madhyastha, and M. Faloutsos,
â€œFrappe: detecting malicious facebook applications,â€ in Proceedings
of the 8th international conference on Emerging networking experiments
and technologies. ACM, 2012, pp. 313â€“324.
B. Srinivasan, P. Gupta, M. Antonakakis, and M. Ahamad, â€œUnderstanding
cross-channel abuse with sms-spam support infrastructure
attribution,â€ in European Symposium on Research in Computer Security.
Springer, 2016, pp. 3â€“26.
G. Stringhini, C. Kruegel, and G. Vigna, â€œDetecting spammers on social
networks,â€ in Proceedings of the 26th Annual Computer Security
Applications Conference. ACM, 2010, pp. 1â€“9.
K. Thomas, C. Grier, J. Ma, V. Paxson, and D. Song, â€œDesign and evaluation
of a real-time url spam filtering service,â€ in 2011 IEEE Symposium
on Security and Privacy. IEEE, 2011, pp. 447â€“462.
K. Thomas, C. Grier, D. Song, and V. Paxson, â€œSuspended accounts in
retrospect: an analysis of twitter spam,â€ in Proceedings of the 2011 ACM
SIGCOMM conference on Internet measurement conference. ACM, 2011,
S. Venkataraman, S. Sen, O. Spatscheck, P. Haffner, and D. Song, â€œExploiting
network structure for proactive spam mitigation,â€ 2007.
A. H. Wang, â€œDonâ€™t follow me: Spam detection in twitter,â€ in Security
and Cryptography (SECRYPT), Proceedings of the 2010 International
Conference on. IEEE, 2010, pp. 1â€“10.
S. Webb, J. Caverlee, and C. Pu, â€œSocial honeypots: Making friends
with a spammer near you.â€ in CEAS, 2008.
S. Yardi, D. Romero, G. Schoenebeck et al., â€œDetecting spam in a twitter
network,â€ First Monday, vol. 15, no. 1, 2009.
The copyright of the published articles stays with the authors.