No, It's Not Your 15 Minutes Of Twitter-Fame. Say Hello To Twitter Spam

For a fleeting moment, I thought my Twitter ID (<a href="http://twitter.com/dberlind">dberlind</a>) got stuck in some viral tornado of fame. For several days, hardly 30 minutes could pass without another e-mail showing up in my in-box saying that someone else was "following me" on Twitter. Did some tweet of mine suddenly turn me into Twitter.com's new Mr. Popularity? Hardly. A pattern started to emerge. And then, on a long shot, I Googled "twitter spam."

David Berlind, Chief Content Officer, UBM TechWeb

April 2, 2008

7 Min Read
InformationWeek logo in a gray background | InformationWeek

For a fleeting moment, I thought my Twitter ID (dberlind) got stuck in some viral tornado of fame. For several days, hardly 30 minutes could pass without another e-mail showing up in my in-box saying that someone else was "following me" on Twitter. Did some tweet of mine suddenly turn me into Twitter.com's new Mr. Popularity? Hardly. A pattern started to emerge. And then, on a long shot, I Googled "twitter spam."Why is it that so many of the useful communications infrastructures have to be ruined by spammers? "Useful?" you ask. A lot of people look at Twitter (and Google's competition to it: Jaiku) and ask "Why would I want to know what people are doing every minute of every day?"

Peel the onion one layer deeper and they're asking "How vain must someone be to think that others are interested in what they're doing every minute of every day?" Indeed, a lot of people use Twitter and Jaiku for those very reasons. But, if you ask me, there's more to what is essentially a publish-and-subscribe form of SMS for the Net than meets the eye. As a student of digital media, for example, I see it as promising way to get short bursts of news out to our audience members. I've called this the Twitterization of media and if you follow my Twitter feed, you'll see that I hardly ever use it to tell people what I'm up to at any given moment. Rather, I use it to disseminate snack-worthy nuggets of news (often with a link using TinyURL.com). For about six months prior to leaving ZDNet, I embedded Twitter's HTML badge (an HTML object that lists the last 10 tweets from a given Twitter feed) into the right-hand column of my blog. It contained pretty much nothing but news items that I wasn't going to spend time blogging about but that I thought were newsworthy to my audience. At some point down the road, I'm looking forward to bringing that "Twittitechture" to my blog here on InformationWeek.com and TechWeb.

I can imagine other mission critical uses of Twitter and Jaiku and my only hope is that the people who run both figure out how to deal with the spammers before the spammers do to those infrastructures what they've already done to the Internet's e-mail system (ruin it).

It was a bit anticlimactic when my search on "twitter spam" got the hits that it did. Last week, Adam Ostrow over at Mashable wrote:

....lately, I've been getting an influx of new followers that resemble this character to the right -- someone who is following thousands of people, with only a couple hundred following back...

When one Twitter user elects to "follow" another Twitter user (the result being that the former's "tweets" show up on the latter's Twitter home page chronologically mixed in with other tweets from other Twitter users that the latter is following), it's considered good Twitter etiquette for the latter to return the favor by following him/her back.

twitterspamBut as Ostrow points out, there's an unusual number of new prolific "followers" entering the Twitter network that have hardly any followers themselves (an example of one that's following me appears to the right). That's because they are spammers and, if only a handful of Twitter users return the favor, the result will be that their spam-like messages will begin to proliferate across the Twitter network. Like spam with e-mail, the Twitter spam takes up network bandwidth, page space, and storage.

Unlike with e-mail, however, the motivations for exploiting the Twitter network (and the ROI) are highly questionable. With e-mail, for example, there's a greater likelihood that spam recipients might click on a link that leads them into a downward spiral down some never-ending browser black hole that's ultimately beneficial to some spammers in some way. But, because of Twitter's publish and subscribe model, it's a lot harder for a Twitter spammer to drive their messages into the network, not to mention how any Web addresses are thoroughly exposed, thereby often giving away their insidious intent (Twitter doesn't support the hyperlinking of text). Ostrow continues:

....one of the nice things about the service is that I don't have to follow this person back, and hence their messages will never reach me. However, the problem is that this rampant rise in new "commercial" followers is forcing me to think hard about whether I want to return follow anyone -- which will ultimately lead to a lower quality conversation. What this means is that legit users that are just discovering Twitter are going to have a harder time acquiring an audience, since those of us that have been around a while will become skeptical of people with a disproportionate following-to-followers ratio. If these people can't find an audience, they're likely to stop using Twitter, which means the company's ambitions of crossing over into the mainstream could be short-lived....

It's a brilliant observation and this is exactly one of the ways in which spammers have ruined the Internet's e-mail system. The consequences (essentially turning it off altogether) aren't that far-fetched. Today, thanks to phishing (a form of spam), most of us completely distrust any e-mail message that claims to come from a bank. Most such messages get deleted without ever being opened. Unfortunately for banks, the Internet's e-mail system has thusly become an ineffective means through which to reach customers.

One reason Twitter spammers are exploiting the network is because of the low barrier to doing so. In his post, Ostrow points out how there are tools available through the Internet that make it possible to follow a massive number of Twitter user with one click. This again is a replication of the cottage spam industry that has sprung up around e-mail. where similar tools for exploiting the e-mail system for nothing but nefarious intent exist.

Twitter (and Jaiku and others like it) will likely be left with no other choice but to throw a bit of friction into the Twitter business process. Ostrow mentions captcha (Completely Automated Public Turing Test to Tell Computers and Humans Apart) and, for now, captcha is probably the easiest and most commonly accepted (though defeatable) way to guarantee that when a Web form gets filled out, that it gets filled out by human rather than software. But therein lies two other travesties.

First, the beauty of software (and I use that term loosely) is how it takes so much friction out of what is otherwise a laborious process. In almost all contexts, the introduction of security invariably means the introduction of friction and a slow creep back toward laboriousness. All too often, the cost of security is needless friction. It's in our software, on our Web sites, at the airports, etc.

Second, it's one thing to throw some friction into a business process to make sure there's a human on the other end of that business process. But today, in this software-as-a-service world, what about services (like Twitter) that also are available to developers through application programming interfaces?

APIs by design are for non-humans and, for promising communications ecosystems like Twitter, they play an important role in mass adoption (to the benefit of the entrepreneurs who start such services). Evolution demonstrates how parasites adapt. Rapidly. Whether it's Twitter or some other API-accessible service, spammers will no doubt exploit those APIs to the point that a different kind of friction -- the sort that really stifles innovation and adoption into third-party applications -- will need to be introduced as well.

And perhaps that's the true cost of spam wherever it shows up: the stifling of innovation.

About the Author

David Berlind

Chief Content Officer, UBM TechWeb

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights