Goodbye to spam, er, @spam, on Twitter...

Filed Under: Spam, Twitter

Most of us are inured to email spam, and it's hardly surprising that there is so much of it, since email is an open ecosystem.

Loosely speaking, anyone can run an email server of their own, or an email client, and connect to any other email server to inject good, bad or indifferent messages into the email universe.

If you don't want to run your own server, there are thousands of organisations that will offer you space on their servers, from webmail giants like outlook.com and Gmail, to conventional email providers such as your ISP.

Internet email is a giant mesh of interconnected service hubs, each with its own set of spokes (its population of users), exchanging messages using well-known open standards with names like SMTP, POP and IMAP.

In contrast, social networks like Twitter are closed ecosystems.

There's only one service provider, and, logically if not physically, just one server, with every user connecting to that single messaging hub.

Naively, then, it's easy to assume that spam would be easy to control, and infrequently seen, on sites like Twitter.

But Twitter's "single hub" is more like a country or a planet than a village or a town, and it has hundreds of millions of spokes, rather than the 30-or-so that the mental image of a bicycle wheel conjures up.

In fact, Twitter and its users have perennial problems with spam, as a quick search of Naked Security will reveal:

  • Within seconds of the news breaking that Pope Benedict XVI was to retire, spam began to appear on Twitter taking advantage of the story.
  • Motor-mouthed UK "Top Gear" celebrity Jeremy Clarkson, who has more than 1.7 million followers, had his Twitter account compromised by spammers who bombarded the Twittersphere with links to a bogus news website promoting an Acai Berry diet solution.
  • Bogus warnings claiming you'd been featured in an online photo surged across Twitter, leading those who clicked to a website infected with the infamous Blackhole Exploit Kit.
  • Free iPad and iPhone scams tricked you with a bait-and-switch in which the "free" iDevices evaporated and costly SMSes or other quite different offers took their place.

Twitter isn't powerless against spams and scams of this sort, and has fought back not just online, but also in the courts, notably taking action last year against companies that live off Twitter-spamming software, or off large numbers of automated Twitter accounts.

With this in mind, you might be surprised that the micro-blogging site's own Twitter identity for reporting spam, the easily-remembered account @spam, has been killed off.

Not to worry, though.

Twitter simply wants you to send your spam reports to @support instead.

No big change, and probably (if the truth be told) a wise decision to use @support as a generic clearing house for customer-facing issues of all types.

After all, the word "spam" is like "virus" these days.

Everyone knows what "spam" means in everyday conversation: e-stuff you didn't want to receive.

→The English language loves the transfer of meaning, happily extending "spam" so that it means "any sort of unwanted garbage delivered electronically", and adapting "virus" to cover "any sort of bad software." That's metonymy, the same figure of speech by which we read "Redmond" yet think "Microsoft", or "Crown" but think "the apparatus of statehood."

But in the context of a security complaint, does @virus cover @Trojan, and @spam cover @scams?

Does @spam cover lolcats sent in great quantity by someone you'd rather not hear from, or should problems of that sort go to @partialstalking or to @iunheartlolcats?

No need for that sort of uncertainty anymore.

Just remember:

  • Use @support for anything that you think requires attention by Twitter, including spam in all its metonymic forms.
  • Do send in reports. If you don't report it (as the cops like to remind us about minor crime), then officially it didn't happen, so it can't get the attention it deserves.

Oh, and don't forget that Twitter allows you to report spammy accounts in a single shot, so you don't have to report message after message.

Assuming you're logged into Twitter, you can just go to an account's profile page, click on the "person icon" pulldown menu, and choose Report @account for spam.

Lastly, if you are faced with a spammy link, but you're pretty sure it doesn't go anywhere directly dangerous, don't be tempted to click it anyway "just to see."

Here's a video that makes just that point:

Even if an unsolicited link doesn't put you immediately in harm's way, remember the advice you can see in the video above: don't buy, don't try, don't reply.

, , ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog