Tag Archive | "spam"

What Is Facebook’s Datr Cookie, and Why Does Belgium Want It Gone?

Tags: , , , , , , , , , , , , ,


Article courtesy of SocialTimes Feed

‘Everyone Will Know?’ Not on Facebook Last Week

Tags: , , , , , , , , , ,


Article courtesy of SocialTimes Feed

Truecaller Launches Truemessenger SMS App to Combat Mobile Spam

Tags: , , , , , , , , , ,


Article courtesy of SocialTimes Feed

Report: How Social Spam Distorts Data Insights

Tags: , , , , , , , , , , ,

Social media is riddled with spam. Up-and-coming networks attract spam as they grow quickly, and older networks have to deal with ever more sophisticated bots. A new report from Networked Insights examines how spam and bots distort the insights brands try to gain from social media.

According to the report, nine percent of all users tweeting in English are non-consumers, and these accounts represented 15 percent of all tweets. Networked Insights defines non-consumers as “social bots, celebrities, brand handles and inactive accounts.”

As a result of this non-consumer content, much of the social data collected by social data scientists is ‘dirty.’ The New York Times reports that data scientists spend 50 to 80 percent of their time just cleaning up data before it can be analyzed. Weeding out the spam and other false data points slows down the process and makes it harder to gain real insights from data sets.

Social spam is defined by Networked Insights as coupon postings, product listings, contests and giveaways, which combined, make up nearly six percent of social posts. Adult content makes up less than three percent of posts, and general spam such as gibberish makes up a little more than one percent.

Different networks have varying levels of social spam. Nearly 30 percent percent of forum posts are social spam, nearly 20 percent of blogs and comments are spam, and more than nine percent of tweets are social spam.

chartMany brands are overrun by this spam. 95 percent of the conversation around Rite Aid and Elizabeth Arden, 81 percent of the conversation around Visa is social spam. This kind of negative atmosphere could erode trust in these brands.

Very little of this social spam comes from real consumers. 53 percent of the content is generated by social bots, 23 percent comes from verified and brand accounts, and 11 percent comes from accounts that have been suspended, cancelled or disabled by Twitter.

Networked Insights used the food and beverage vertical to analyze the effect of removing spam from the conversation. The clustered data before spam removal showed large focuses on beer, pizza, coffee, cake, and adult content. After all the spam was removed from the conversation — 14 percent of all posts — nuanced conversations began to emerge.

This more nuanced conversation included topics such as vegan eating and ethnic fast food. The implication here is that relying on a dirty data set could in inaccurate audience targeting, and  misinterpreting what their audience really cares about.

Dirty data could also impact things like industry benchmarking.  For instance, it could be hard to compare two brands operating in the same vertical, but have vast disparity between the amount of spam they receive.

Networked Insights suggests removing spam from your data sets before trying to analyze what consumers are talking about. By doing so, your brand will have a clear understand of your customers’ interests, and the granular conversations could present new opportunities for your business.

Image courtesy of Shutterstock.

Article courtesy of SocialTimes Feed

Facebook Releases ThreatExchange API Documentation

Tags: , , , , , , , , , , , ,

WhyThreatExchangeFacebook introduced ThreatExchange last month as a way for tech companies to share information about malware and other security threats, and the social network announced Friday that the application-programming-interface documentation for ThreatExchange, as well as the PHP and Python reference code, are now available on GitHub.

Facebook threat infrastructure team manager Mark Hammell also offered details on how graph-based sharing of threat intelligence works in a note on the ThreatExchange page:

The first thing to understand about the design of ThreatExchange is that it’s a subset of APIs residing within the much larger set of Graph APIs used by third-party developers to programmatically interact with Facebook. Much like any other third-party developer, a ThreatExchange member starts by creating a Facebook platform application and then uses it to query or post threat data into ThreatExchange. Once Facebook grants access to a developer’s application, they interact with ThreatExchange by issuing RESTful API calls to the Facebook platform. This API based approach works well for our current members, all of whom are looking to integrate the data available via ThreatExchange into their existing security systems. ThreatExchange data doesn’t show up, or have any link, to the personal Facebook accounts of the application owners or people who use them.

Another core design component of ThreatExchange is that the data is modeled in what mathematicians and computer scientists commonly call a graph. This design — the same one Facebook uses to represent your Facebook account and connections between friends — lends itself very well to representing real-world interactions between threats like malware, bad domains and spammy URLs.

We will continue using this page to provide details about the design, functionality and new features of ThreatExchange. We are growing the platform slowly at this stage to ensure that it works well for all members, but our long-term goal is that organizations anywhere will be able to use these features of ThreatExchange to share threat information more easily, learn from each other’s discoveries and make everyone’s systems safer.

Article courtesy of SocialTimes Feed

Facebook ThreatExchange Lets Tech Firms Share Info on Security Threats

Tags: , , , , , , , , , , ,

ThreatExchangeLogo650ThreatExchange may sound sinister, but it’s actually a way for tech companies to share information about malware and other security threats.

Facebook threat infrastructure team manager Mark Hammell introduced ThreatExchange in a note on the Protect the Graph page, saying that a malware-based spam attack last year was the impetus behind the initiative, and naming Pinterest, Tumblr, Twitter and Yahoo as early participants, while citing Bitly and Dropbox as more recent additions.

Hammell wrote in the note:

A little over a year ago, a group of technology companies came together to discuss a botnet that was spreading a malware-based spam attack on all of our services. We quickly learned that sharing with one another was key to beating the botnet because parts of it were hosted on our respective services and none of us had the complete picture. During our discussions, it became clear that what we needed was a better model for threat sharing.

Expanding on those conversations, Facebook offered to build what has now become ThreatExchange, an API-based (application-programming interface) platform for security threat information. It was natural for us because our core service is a platform for sharing and because we already had a threat analysis framework called ThreatData that we could build upon. Feedback from our early partners centered on the need for a consistent, reliable platform that could provide flexibility for organizations to be more open or selective about the information they share. As a result, we included a set of privacy controls so that participants can share only with the group or groups they wish.

ThreatExchange is built on the existing Facebook platform infrastructure, and we layered APIs on top of it so that partner companies can query the available threat information and also publish to all or a subset of participating organizations. Threat data is typically freely available information like domain names and malware samples, but for situations where a company might only want to share certain indicators with companies known to be experiencing the same issues, built-in controls make limited sharing easy and help avoid errors by using a pre-defined set of data fields.

We’re grateful to Pinterest, Tumblr, Twitter, and Yahoo for their early participation and helpful feedback in the development of ThreatExchange, and we’re excited to be welcoming new contributors like Bitly and Dropbox. If you’re interested in participating in our beta of ThreatExchange or have a feed we should consider integrating, please visit threatexchange.fb.com and fill out the form on the final page so that we can contact you as we continue growing the platform.

Our goal is that organizations anywhere will be able to use ThreatExchange to share threat information more easily, learn from each other’s discoveries and make their own systems safer. That’s the beauty of working together on security. When one company gets stronger, so do the rest of us.

Hammell also spoke with TechCrunch, saying:

We volunteered to build an external version based on one we had in-house that would help these other companies share this kind of information with each other or with broader community-based privacy controls we built and they chose to use.

This was purely the serendipity of the graph.

As we are building this platform, we have been pushing the intelligence around this botnet, and proactively blocking the spam.

Readers: How big of an issue have you found spam on Facebook to be?

Article courtesy of SocialTimes Feed

Apple Files Patent For Automated Disposable Email Addresses To Help Handle Spam

Tags: , , , , , , ,


A new Apple patent application published today (via AppleInsider) details a system for heading off email spam and tracking its source. The tech automates a process many people now use manually, setting up temporary email addresses to be used for web service signups, which can then be thrown away when compromised by a spammy service, and provide clues as to which provider betrayed your trust.

The system would automatically generate disposable email addresses based on the service you want to use it with, and possibly contain an identifier in its construction to let you know where spam is coming from. So, for instance, if you signed up for Service X, the email might be “First.last.service@provider.com.” Managing said email addresses and dealing with cutting off the ones that are subject to spam can be done through web and app graphic user interfaces, as described in the patent, too.

Spam is a problem that only increases the more we use email and the web, and addresses not diligently maintained can quickly become overwhelmed with inbound communications from services not necessarily being responsible with your shared information. Apple may seem like an odd candidate as someone trying to tackle this problem, but the company has iCloud and acts as an email provider as part of that product’s suite of cloud services. It’s in the company’s best interest to minimize spam and help pare down on email address churn – if users can manage to keep one permanent address safe from spammers, they won’t have to change their main contact info frequently, which has benefits in terms of protecting the integrity of iTunes and Apple ID accounts.

Article courtesy of TechCrunch

Snapchat Apologizes For Snap Spam, Claims It’s Unrelated To Data Breach

Tags: , , , , , , ,


Snapchat delayed apologizing for a big user data breach last month but was quick to say sorry today to users who received “Snap Spam” over the weekend — unwanted photos and videos.

“We’ve heard some complaints over the weekend about an increase in Snap Spam on our service. We want to apologize for any unwanted Snaps and let you know our team is working on resolving the issue,” Snapchat wrote in a blog post today. However, it said the issue appeared to be unrelated to the user data breach.

That last part addresses worries that, because 4.6 million usernames and associated partial-phone numbers leaked, spammers could be attempting to send spam Snaps to every username they can find. Many people only allow Snaps from friends, but others accept them from anyone with their user name, opting for privacy by obscurity.

CEO Evan Spiegel personally denied the connection in a tweet:

@2William nope. Did you change your settings so that only your friends can send you snaps?—
Evan Spiegel (@evanspiegel) January 12, 2014

To keep people safe, Snapchat recommends going into the app’s “Who can send me snaps” setting and only allow Snaps from friends you approve.

Snap settingsSnap spam could derail the growth of Snapchat if it goes unchecked. There’s something really exciting about receiving a legitimate Snap, and knowing you have to pay attention when watching because you only get to see it once (or twice thanks to the new Replay feature). But Snap spam erodes this anticipation, and could make users weary of notifications that they’ve received a new ephemeral message.

Snapchat has been aware of the threat for months, as it published a blog post in April called “Snap Spam (Ew.)”. At the time, it said it was working on long-term solutions, but also recommended not accepting Snaps from strangers.

One problem with fighting the spam surge is that there’s no way to currently report spam. You can only block it. That makes it harder for Snapchat to tell whether someone was blocked for sending amateur unwanted Snaps, or for sending serious spam and should have their account shut down.

A rise in Snap spam may be an inevitable growing pain of a social network increasingly becoming a household name. It may have finally passed the threshold of becoming interesting to spammers. Instagram began to endure a similar issue with spam photos and comments, but was in part saved by its acquisition by Facebook. The parent company threw its veteran anti-spam team against the problem and Insta-spam has curtailed.

At the very least, critics may be silenced by Snapchat’s sudden willingness to apologize. Perhaps the flurry of punches from the press finally got to CEO Evan Spiegel. Most people agree that apologizing isn’t a sign of weakness but of respect for users.

[Image: Softonic]

Article courtesy of TechCrunch

Developer Spams Google Play With Ripoffs Of Well-Known Apps…Again

Tags: , , , , , , , , ,

google play spam

It’s not uncommon to search the Google Play app store and find a number of knock-off or “fake” apps aiming to trick unsuspecting searchers into downloading them over the real thing – especially when the app in question isn’t yet available on Android. But one developer really went out of his or her way over New Year’s to fill the Android app marketplace with a number of rip-offs of big-name startups and other tech companies, including IFTTT, Slideshare, Snapguide, Wolfram Alpha, Fiverr, Upworthy, MySpace, and more.

Many of the apps chosen are still iOS-only, making the matter worse.

Listed under the developer’s very generic name, “Premium App,” the knock-offs sometimes have a “U” following the app’s title, indicating that they’re really just a user’s guide to the service, not the real app. Many, like IFTTT, (which Premium App has ripped off twice – once as “IFTT” instead of “IFTTT” to capitalize on misspellings), are available as paid downloads ranging from $1.36 USD to $2.75 USD.

google play spam3

google play spam2

The apps were released just at the end of December, as the developer was probably hoping to capitalize on a reduced staff handling Google Play app store spam complaints over the holidays. Calling attention to the problem – as we’re doing now – will likely see the apps quickly pulled as Google reacts to the situation. (We reached out to the developer via email, but have not heard back.)

However, the fact that these apps were ever allowed in the first place – for nearly a week in some cases (at least, so far) – highlights a still ongoing problem with the Google Play review process…or rather, the lack of one. This issue has been happening for some time, too, and it’s concerning given that malware is often served up by the faked versions of popular apps. Now, whenever I’m searching for an Android app, I notice I’m always giving it a second look to make sure that I’m not being fooled. Mainstream, less savvy users are probably not as careful, which means they’re the ones getting burned.

As one confused user writes under the fake IFTT app, “Did this app really just come out today? Dec 30,2013?? The day I downloaded it? Seems unlikely. It said 2011 a minute ago. Is this app just a browser?

google play spam4

But as Google explains in its Developer Distribution agreement, the company “does not undertake an obligation to monitor the Products or their content.” (Products, meaning apps.) Instead, Google may remove apps from the store when problems are brought to its attention. That means legitimate developers, in addition to their very many other tasks, have to keep an eye on Google Play to make sure no one is trying to rip them off, and then submit complaints when someone does. At times, Google will also run a massive cleanup of its app store, dealing with the situation in one fell swoop, as opposed to carefully reviewing apps one-by-one.

It’s not like Google doesn’t have staff paying attention to its app store in a more proactive manner. After all, the company was fairly quick to eject the CyanogenMod installer app, which allows users to completely modify standard Android, plus add new features. But unlike modding, fake apps aren’t an immediate threat to Google’s monetization and control over Android like CyanogenMod is, they’re only a threat to the end user’s experience, security, privacy, and…hey, wait…isn’t that enough to warrant more attention, Google?

[Thanks, tipster]

Article courtesy of TechCrunch

I, Spammer

Tags: , , , , , , , , , ,


As I approach the half-way mark of my crowdfunding project, I wanted to address the thing that makes me feel the worst about this whole process: the spam. As I intimated in in my last post, moving from passive content producer to active content salesperson is hard. As someone used to fire-and-forget posting, convincing others to buy something I’ve built is a hard thing to do. And the best way to do it, sadly, is through spam.

Screen Shot 2013-12-31 at 11.05.33 AM

I pride myself on trying to be a nice guy. I post crowdfunding projects on TC all the time because I think they’re cool and I tend to use social media to either make dumb jokes or talk about projects I’ve seen. Now, however, I have to use social media as a sales tool. I contact the vast majority of my Facebook friends directly, have retweeted comments about the book, and even resorted to contacting my LinkedIn and Google+ contacts although I barely use those services. How did I get the most traction, however?


Take a look at the image above. Aside from a massive Facebook push around Christmas each of those spikes were driven by an email blast sent out on or around that date. Emails took a few days to appear as pledges but after each email I was able to push the total up by at least $1,000. Even given the horrible click rates, those are very compelling numbers.

Screen Shot 2013-12-31 at 11.15.32 AM

Now, to be clear, I don’t think it was just the email. These lists consist of people who have signed up for my various projects and folks I’ve met in my travels. They know me and many have the ulterior motive of staying friendly with a TC editor. Would I have the same results of I were some dude selling penis pills online? I sincerely doubt it. However, I could see this working if the email list were in the millions and not in the thousands.

In short, direct contact works best. As one crowdfunder told me “When someone gets an email from you they can do one of two things: ignore it and feel bad/indifferent or act on it.” In my case I was lucky that so many acted on it.

Again, I’ve been consistently amazed how little Twitter and Facebook – aside from direct messages – have contributed to the process. While these tweets and twoots are great for getting the word out – I’m not ungrateful by any means – the actual conversion is limited. Broadcasting “Buy This!” is far less effective than saying “Hey, friend, buy this.”

Do I feel bad about this spam? Well, I’ve tried to keep it to a minimum and now that I’m well past my original $8,000 goal I feel bad for continuing to market. But, in the end, this is a project I love and feel deserves to do well. What would I change in the future? I’d create some sort of system so I don’t re-target backers who have already helped out – that’s something that really upset me and I’ve received two emails from friends about it. Essentially I haven’t found any system for truly segmenting out who I contact although I’m sure solutions exist (and feel free to let me know if you have one).

Still I’m amazed at the reach and power at good old email. It sucks, but it’s true: spam works and it works well. In the end, a nice message, carefully wrought, results in far less blowback than a wonky diet pill email, but the process is the same. Like it or not, direct email is a crowdfunder’s best friend.

This is part of a series on crowdfunding, The Mytro Project. For future posts I’m looking for more input from online analysts and other crowdfunding platforms so please email me at john@techcrunch.com.

Article courtesy of TechCrunch

February 2016
« Jan