A bot in action
There is much talk of bots on Twitter but it is not always clear how they work and quite how dangerous they are. Some are merely follower accumulators that exploit people who follow back but others can be much more sinister. For this blog post I thought I would run through one that I came across by accident.
The story starts with a random follow. In to my inbox dropped this message.
As you can see it looks at first glance like a fairly standard Twitter user. Perhaps the picture of the Femme Fatal looks a bit odd but there is nothing screamingly odd about it. The follow back bio is perhaps the biggest give away but it is not necessarily a sign of something wrong.
The actual Twitter page is where the signs start to show.
Femme Fatal plus picture of cute cat? Ok, it’s starting to look a bit like bait at this point. There is a decent amount of tweets that look scheduled or generated and a reasonable amount of favourites so someone has put some amount of effort in to getting this thing looking reasonable. 2001 following is a bad sign – if you are running a bot then at least have the common sense not to set it to batches of round numbers. The extra one doesn’t convince.
Still, it doesn’t look too harmless at this point.
It also has a site attached so it might just be someone genuine trying to boost their account with a bit of script action. Let’s have a look at the site.
Things start to get a bit smellier once you arrive here. Firstly the site is obviously a basic template of some sort. The content on the site seems to be quite random. Beauty tips, holiday visits, life hacks. What content is this site actually trying to give to users? A genuine site would be putting out content on a particular theme or area – not randomly grabbing bits and pieces from all manner of different subject areas.
It all seems to have come from one of the numerous content hubs like Scoop.it that are used to share and distribute interesting content. These content hubs are genuine sites that allow users to register their content and gain access to other content for syndication. They are used legitimately by anyone trying to put together a news feed for a site or create an aggregator site. They are also used by people looking for easy content to put in to a fake site like this one.
Still, at this point it is not in any way dangerous. Just a bit of fake site to back up the bot.
Let’s scroll down and see what happens.
Oh dear. It all just got a lot shadier.
The site has used a bit of JavaScript to get the user to login with Facebook or Google+. You can also give it your email address if you are feeling especially stupid.
Oh dear.
What started as a simple bot has now got a lot more dangerous. What it really wants is you to give it your details and this is not good, especially since you never asked it to do this. The act of scrolling down a page should not make a site prompt you to login.
As you can see on the screen grab the content is all within a day or two so whoever has put this together has been especially lazy. Chances are this entire site has been scripted.
It might be just interested in getting some friends for its Google+ or Facebook accounts (which are much more valuable than a follow on Twitter) but the reality is that logging in to this thing may give it API access.
At this point I stopped. Never use your credentials to login to a site you do not trust. Under any circumstances. At best you will end up friending a bot, at worst they may be able to fool you in to authorising API access which means they have effective control of the social account you used to login with. Expect all your Google+ and Facebook friends to suddenly get an invite and if they do so then they will be doing it because you have friended it first.
This whole setup is a particularly nasty bot. There are a lot of these about and it is very easy for the untrained user to be caught out. It’s not the fault of the social engines; just a crude attempt at social manipulation and when it gets torn down it will simply be replaced by another variant a few days later.
Heed my words. Be careful out there.