SybilGuard: defending against sybil attacks via social networks
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
An inquiry into the nature and causes of the wealth of internet miscreants
Proceedings of the 14th ACM conference on Computer and communications security
Spamscatter: characterizing internet scam hosting infrastructure
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Spamming botnets: signatures and characteristics
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
@spam: the underground on 140 characters or less
Proceedings of the 17th ACM conference on Computer and communications security
Detecting and characterizing social spam campaigns
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Detecting spammers on social networks
Proceedings of the 26th Annual Computer Security Applications Conference
Re: CAPTCHAs: understanding CAPTCHA-solving services in an economic context
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Click Trajectories: End-to-End Analysis of the Spam Value Chain
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
Design and Evaluation of a Real-Time URL Spam Filtering Service
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
Estimating the number of users behind ip addresses for combating abusive traffic
Proceedings of the 17th ACM SIGKDD international conference on Knowledge discovery and data mining
Measuring pay-per-install: the commoditization of malware distribution
SEC'11 Proceedings of the 20th USENIX conference on Security
Dirty jobs: the role of freelance labor in web service abuse
SEC'11 Proceedings of the 20th USENIX conference on Security
An analysis of underground forums
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
Suspended accounts in retrospect: an analysis of twitter spam
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
Proceedings of the 21st international conference on World Wide Web
Serf and turf: crowdturfing for fun and profit
Proceedings of the 21st international conference on World Wide Web
Adapting social spam infrastructure for political censorship
LEET'12 Proceedings of the 5th USENIX conference on Large-Scale Exploits and Emergent Threats
PharmaLeaks: understanding the business of online pharmaceutical affiliate programs
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Follow the green: growth and dynamics in twitter follower markets
Proceedings of the 2013 conference on Internet measurement conference
Hi-index | 0.00 |
As web services such as Twitter, Facebook, Google, and Yahoo now dominate the daily activities of Internet users, cyber criminals have adapted their monetization strategies to engage users within these walled gardens. To facilitate access to these sites, an underground market has emerged where fraudulent accounts - automatically generated credentials used to perpetrate scams, phishing, and malware - are sold in bulk by the thousands. In order to understand this shadowy economy, we investigate the market for fraudulent Twitter accounts to monitor prices, availability, and fraud perpetrated by 27 merchants over the course of a 10-month period. We use our insights to develop a classifier to retroactively detect several million fraudulent accounts sold via this marketplace, 95% of which we disable with Twitter's help. During active months, the 27 merchants we monitor appeared responsible for registering 10-20% of all accounts later flagged for spam by Twitter, generating $127-459K for their efforts.