Twitter shared details about its strategy for fighting spam and bots
29.6.18 securityaffairs 

Twitter provided some details on new security processes aimed at preventing malicious automation and spam.
The tech giant also shared data on the success obtained with the introduction of the new security measures.
Social media platforms are a privileged tool for psyops and malicious campaigns; for this reason, Twitter rolled out new features to detect and prevent abuse.

Threat actors make extensive use of bots to spread propaganda and malicious links, and social media platforms are investing significant effort in mitigating these threats.

Twitter claims that in May it challenged more than 9.9 million potentially automated accounts used for malicious activity every week. The data shows a significant decrease from 6.4 million in December 2017.
The social media platform said that the security measures drastically reduced the number of spam reports received from users, from 25,000 daily reports in March to 17,000 in May.
The company is removing 214% more spam accounts compared to 2017. Twitter suspended over 142,000 apps in the first quarter of 2018; most of them were shut down within a week or even within hours after being registered.

Twitter introduced measures to evaluate account metrics in near-real time.

The platform is able to recognize bot activity by detecting synchronized operations conducted by multiple accounts.

Twitter announced it will remove follower and engagement counts from accounts flagged as suspicious that have been put into a read-only state until they pass a challenge, such as confirming a phone number.

“So, if we put an account into a read-only state (where the account can’t engage with others or Tweet) because our systems have detected it behaving suspiciously, we now remove it from follower figures and engagement counts until it passes a challenge, like confirming a phone number,” reads the blog post published by Twitter.

“We also display a warning on read-only accounts and prevent new accounts from following them to help prevent inadvertent exposure to potentially malicious content,”
The company introduced measures to audit existing accounts and control the creation of new ones.
Twitter is increasing checks on the sign-up process to make it difficult to register spam accounts, for example by requiring more interaction from the user, such as the confirmation of an email address.

“As part of this audit, we’re imminently taking action to challenge a large number of suspected spam accounts that we caught as part of an investigation into misuse of an old part of the signup flow,” continues the post. “These accounts are primarily follow spammers, who in many cases appear to have automatically or bulk followed verified or other high-profile accounts suggested to new accounts during our signup flow.”

The company is investing in behavioral detection; its engineers are working to introduce measures that, once suspicious activity is detected, challenge the owner of the account with actions that require their interaction.