Collaboration SuitesMarketingSecuritySocialMediaSoftwareWorkspace

Twitter’s Fake Identity Crisis

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Feature: The market for fake followers is causing big problems for tweeters, but Twitter isn’t doing much to help, TechWeekEurope finds

In the pre-millennial world, anyone who could lay claim to hundreds of thousands of followers would legitimately be able to call themselves a celebrity, possibly even a messianic leader of the masses. In today’s Twittersphere, a million followers looks good – but even that may count for nothing, thanks to fake Twitter followers.

Fake conversation from FakeTweetBuilder.com

Those with millions upon millions of  followers may not be worth listening to because, while they appear to have an inordinate amount of people in thrall to each of their pithy quibbles, their popularity may be entirely bogus.  Fake Twitter followers have provoked a fake identity crisis that is undermining the value of Twitter. What’s worse is that Twitter is doing little to stop it escalating.

Bad boy Beckett

At the heart of the problem are the individuals and ‘companies’ who are selling fake followers. An illicit ecosystem has built up around Twitter, and it’s one that will survive because its operators and beneficiaries aren’t breaking the law and they care little for Twitter’s rules.

To investigate the dodgy market further, and to see whether Twitter was doing anything to stymie its growth, TechWeekEurope set up a new account last month. Meet “Samuel Beckett”, otherwise known as @NotSpamHonest. He’s been hard at work, breaking Twitter’s rules and bragging about it. Having already been barred once from the micro-blogging site, for sending malicious links to various members of the TechWeekEurope team who subsequently reported him for spam, Beckett decided to build up his follower base. Fake people love making fake friends, you know.

So, off he trotted around the Internet looking for some new pals and came across Followersale.com. It looked like a rather professional operation, with this promotional video below promising the cheapest followers in the world:

Impressed by the outlandish claims of the FollowerSale presenter, as well as his unerring joviality and ability to teleport, Beckett got in touch with the sales team, demanding to know how much two million followers would cost and what kinds of friends he would be buying. “We send active and inactive followers mix (most of them will be inactive),” the salesman said. “We send inactive followers because if huge amount of followers unfollow you at the same time, Twitter can realise that action and your profile may go under risk. On the other hand, we serve cheapest service in the world.

“We send them slowly if you make orders above 500,000. We can send up 1 million followers per profile. The fee for 1 million followers is $2450. We can send maximum 1 million followers per profile. Delivery time is 20 days.” It was a fair price, Beckett thought, and about right considering 15,000 followers cost $39.

But wouldn’t Twitter finally notice and just chuck him off the site, he asked? He didn’t want to be banned from his virtual playground. “You will be safe with our service… We have 100 percent money back guarantee if we can’t achieve it. We have developed structure and we have technical team in our office which contains four people, they are working hard everyday.” Phew.

But rather than splash any cash (largely because he didn’t have any), he asked for a trial of 500 fake Twitter followers. Despite worrying his @NotSpamHonest handle might prompt FollowerSale to get out its moral compass, and a little delay in delivery, he was treated to even more – over 700 in fact. He was ever so pleased.

The organisation even apologised for being late, although Beckett, given his literary namesake, thought they should probably have been more contrite about their use of the English language. “Please accept our apologizes [sic] for being so late, we have huge orders daily and we had to send them first,” the kind salesman said. Beckett wondered, did the company not care about Twitter’s rules? “Buying Twitter followers is always against Twitter rules but we don’t do anything illegal and we send them in safe way.” Again, phew.

Beckett’s Happy Days

Being the recalcitrant chap that he is, Beckett started tweeting about his new groupies and advertised the service to certain select contacts, just to see how Twitter would react. Much to the hellion’s chagrin, it didn’t.

In its rulebook, Twitter lists a load of user actions it takes into account when determining what conduct is considered spamming. That includes “using or promoting third-party sites that claim to get you more followers”, and selling followers “particularly through tactics considered aggressive following or follower churn”. Whilst Twitter won’t openly say it will chuck purveyors of the fake follower market off the site, it is pretty clear it doesn’t want them on the platform.

Yet it doesn’t appear Twitter is doing much to get rid of them. Beckett didn’t just boast about his new followers, he tweeted others promoting the service, including two Twitter-run accounts and, because he is so fond of them, more TechWeekEurope tweeters, who reported him again. Just look at what the troublesome braggart was posting:

So here we have a Twitter user, who has already been suspended once for nefarious actions, who has yet again been reported for wrongdoing and who has sent various messages to Twitter-held accounts telling them he is breaking the rules. But he remains active.

Perhaps Beckett was just too small-fry for Twitter to care about. Thankfully, other, richer people have been showing the social media company up by buying tens of thousands of followers and putting out public releases about it. Back in May, security researcher Barracuda Labs started building up three new accounts, purchasing between 20,000 and 70,000 each from eBay and other sites like Follower Sale. Guess what? “Twitter hasn’t done anything with them,” Jason Ding, research scientist at Barracuda Labs, told TechWeekEurope.

Perhaps Barracuda are too small-fry too. Well what about accounts belonging to better known tweeters, say Mitt Romney or Barack Obama? Romney was caught out by Barracuda, which noticed a sudden uptick in followers over a one-day period indicating most of 100,000 new additions were fake. But Obama appears to have even more non-existent buddies. Status People, a social media measuring tool, currently estimates 30 percent of Obama’s 18.8 million Twitter followers are fake, although it only looks at the most recent 10,000 additions.

Having repeatedly asked for information on what technical measures Twitter has in place to catch and banish those buying or selling fake followers, TechWeekEurope received nothing except links to the Terms of Service. Such inertia speaks volumes about how much Twitter really cares about this problem.

Who? What? Where?

You might ask why this is a problem at all. Fake twitter followers are just there to make people look a bit more important and services like Klout don’t give scores based on follower numbers, they look at how well your content is received. What’s the big deal, huh?

For starters, users are buying Twitter followers for more egregious reasons than just boosting their own egos or looking more influential. One nasty trend that has emerged recently is that of buying followers for others to make them look stupid. In this scenario, A buys B a load of followers, only to claim B has purchased a load of fake friends, which subsequently tarnishes B’s fine reputation (one can speculate that this may be the case for either Romney or Obama, or even both).

Two notable cases emerged recently. Soon-to-be former MP Louise “Yeah-I-Did-Coke-Once-Don’t-Menshn-It” Mensch gained 40,000 robot followers in late July. Angered by the sudden rise, which took her up to 104,000 followers, Mensch asked Twitter to remove the bots from her follower list. It took until 15 August for her follower account to fall. As it is, she still has over 96,000 and Status People says 34 percent are fake.

Then there was the case of master provocateur and Kernel editor-in-chief Milo “I-Am-Lord-And-Everyone-Else-Sucks” Yiannopoulos. After writing a report on how the CEO of little-known Klout rival PeerIndex appeared to have bought followers, Milo, otherwise known as Nero, found that his own Twitter follower count had grown by 40,000. Having only had 11,000 followers at the start of July, he suddenly had over 50,000, which has only fallen down to 33,000 now. He cried foul, amidst murmurings of the word ‘karma’.

But rather than just irk personalities like Mensh and Nero, this nefarious activity of buying followers for others can be damaging for brands. For PR companies in particular, it can be the difference between keeping a client and losing one. Dane Cobain, a social media executive, told TechWeekEurope that when one of the campaign accounts he was running turned out to have a large number of fake followers, it ultimately soured the relationship with his client.

“The main problems that we’ve faced with fake followers has been that we’ve been unable to accurately measure the results of our campaign,” he says. “The followers slowly get banned and so if you drop 200 followers in a week, you don’t know whether 200 fakes have been banned and you’ve gained no new followers, or whether 400 have been banned and you’ve gained 200 real ones.

“It also makes your brand look unprofessional – if people go on to your Twitter account and see that a large proportion of your followers are fakes, it makes you look untrustworthy. It also led to a disparity between the number of Facebook fans (300) and the number of Twitter followers (9000).

“That worried our client, as we never found out where the followers came from – it led to a lot of suspicion on both sides and ultimately damaged our relationship with them.”

All this makes Twitter a less attractive place for companies. Given Twitter is keen to find ways to boost profit, it needs businesses to stick around. Addressing the problem is in its own interests.

Endgame?

The fake follower crisis also makes Twitter a more dangerous place to play. As hackers have refined their social engineering techniques, Twitter has become a fine place for them to post malicious links. Last month, Sophos spotted a widespread campaign that saw thousands of tweets sent out to unsuspecting users, containing a link to the Blackhole exploit kit, which looks for weaknesses in people’s machines and attempts to plant malware.

Now, who would you trust more? An account holder with no followers, or one with millions? For most people, it is clearly the latter. By gaining more followers, attackers gain more trust, meaning their dirty links get more clicks and they get more bots for their botnets, or access to more users’ computers. Their spear phishing attempts over Twitter will get more traction too, and given how easy it is to find CEOs on the platform, senior execs are certainly not infeasible targets.

“The issue with fake Twitter accounts is that this practice encourages an underground economy and opens up Twitter users to abuse through the anonymity provided. There is no immediate technological threat, but it undermines the trust and the stability of social interactions,” says Wieland Alge, general manager for EMEA at Barracuda Networks. That underground economy is already sizeable. In its study, Barracuda found 20 sellers on eBay and another 58 through a simple Google search.

Waiting for Twitter

Twitter may be twiddling its thumbs right now, but many want it to attack the fake Twitter follower problem head on. “You can’t even report it to Twitter properly. We sent them a support request, but we had to report it as a glitch because there was no suitable category for it,” Cobain says. “Even when we did report it, we never had a response from their team – this is unsurprising because like most social networking sites, they have a tiny number of staff in relation to their users.

It should not take great changes to remove more fake profiles. Currently there is a cap on the number of people that users with no friends can follow, which stands at 2,000. That rises as their own number of followers increases. That’s largely in place to counter ‘gaming’, however, which sees people spam-following others to try to get a follow back, and doesn’t tackle the problem of buying and selling followers.

What if users had to verify themselves by submitting a copy of their passport or credit card information, or some other form of identification? It would undeniably solve the problem, but would be a nightmare for Twitter, and likely drive away both individuals and businesses. “A company would have to provide confirmation that they are duly registered and that the respective person opening a specific account is a representative of the company and so on,” Alge notes.

Rather than add overbearing security provisions, or rely on its current setup and on users to report problems – which, as our alter-ego Beckett found, does not always work anyway – Twitter should implement better automated systems for identifying fake follower sellers. Surely some application to crawl the site for telltale signs of abuse, such as typical language of dealers, would not be too much of a tall order. Another application that searches for users that have masses of followers but have little activity would be nice too. More effective caps on accounts that don’t tweet might also be a good idea, perhaps with an exception for true celebrities.

What’s clear is that Twitter can do more. If it doesn’t it risks letting the situation get so out of control it is beyond rescuing. “If they don’t move faster and smarter, these fake accounts will continue to be created and blended into the massive Twitter population, creating more and more impact,” adds Alge.

What do you know about Twitter? Test yourself with our quiz!