
700,000 beautiful women do the bidding of one Twitter-scamming man

Weight loss scam used oodles of accounts to get the clueless shelling out for useless beans

By Darren Pauli, 27 Mar 2015

Satnam Narang of Symantec says one scammer was so taken with Twitter he established 750,000 accounts.

The senior security response manager found the one-man spam plague set up the mind-boggling number of Twitter accounts he calls 'mockingbirds' to flog Green Coffee Bean Extract, earning cash for visitor referrals.

Narang said the single scammer impersonated news outlets and celebs throughout last year, to spruik the bogus weight loss product.

"One of the most interesting aspects of this spam operation is the preservation and recovery tactics employed by its operator in order to avoid anti-spam measures," Narang says in the obviously-named paper Uncovering a persistent diet spam operation on Twitter (pdf).

"Since the beginning of 2014, a single individual conducted a vast spam operation on Twitter for over a year by using nearly 750,000 fake Twitter accounts."

Narang did not name the scammer, who stood to earn up to US$60 for every credit card Green Bean trial, but said the fiend registered some websites in his real name and tasked one known Twitter bot to retweet his legitimate account.

How the scam works

The scam was composed of three types of accounts that imitated brands, stole tweets and avatars, and were empty fake followers - or mockingbirds, parrots and eggs respectively in Symantec lingo.

Media sites like TMZ, MTV, Yahoo! and the Beeb are among the mockingbird accounts launched, while scores of celebrities and random photos of attractive women filled the parrot accounts in a bid to score real followers.

Narang says more than 700,000 of the accounts are eggs, 40,000 parrots, and about 100 mockingbirds.

The tactic of using obviously fake profiles with avatars of attractive women to score reciprocal follows is sadly "remarkably effective", Narang says.

The engineer goes into minute detail about the activities of the accounts, which centre on building credibility with non-security-savvy users.

He says the resiliency of the architecture meant torpedoed accounts could be quickly replaced in a linear fashion, with eggs becoming parrots and parrots becoming mockingbirds.

Narang recommends users follow only verified celebrity accounts and reminds punters that there's no such thing as a free lunch:

"At the end of the day, weight loss requires more than just a dietary supplement." ®
