More Web Proxy on the site http://driver.im/

research-article

Social networks and context-aware spam

Authors:

Kevin BordersAuthors Info & Claims

CSCW '08: Proceedings of the 2008 ACM conference on Computer supported cooperative work

Pages 403 - 412

https://doi.org/10.1145/1460563.1460628

Published: 08 November 2008 Publication History

Abstract

Social networks are popular for online communities. This paper evaluates the risk of sophisticated context-aware spam that could result from information sharing on social networks and discusses potential mitigation strategies. Unlike normal spam, context-aware spam would likely have a high click-through rate due to exploitation of authentic social connections. Context-aware spam could lead to more insidious attacks that try to install malware or steal passwords. In this paper, we analyzed Facebook, a popular social networking website. Our goal was to determine how many users were vulnerable to context-aware attack email and understand aspects of Facebook's design that make such attacks possible. We also classified different kinds of email attacks based on certain pieces of data such as birthdays, lists of friends, wall posts, and user news feeds. We analyzed Facebook starting from a single university e-mail address to calculate the number of users who would be vulnerable to each type of attack. We found that a hacker could send sophisticated context-aware email to approximately 85% of users. Furthermore, our analysis shows that people with private profiles are almost equally vulnerable to a subset of attacks. Finally, we discuss defense strategies. Some strategies would require users to coordinate their privacy policies with each other. We also suggest design improvements for social networks that may help reduce exposure to context-aware attack email.

References

[1]

Arrington, M. 85% of College Students use Facebook, Sept. 2005. (http://www.techcrunch.com/2005/09/07/85-of-college-students-use-facebook/)

[2]

Barabàsi, A., Albert, R. and Jeong, H. Scale-free characteristics of random networks: the topology of the world-wide web, Physica A 281 (2000), 69--77.

[3]

boyd, d. m. Friendster and publicly articulated social networking. In CHI '04 Extended Abstracts on Human Factors in Computing Systems, ACM Press (2004), 1279--1282.

Digital Library

[4]

Brodkin, J. Phishing researcher 'targets' the unsuspecting, Network World, 24, 31 (Aug. 2007), 26.

[5]

CBC News, Facebook 'ideal' for phishing attacks: researcher, April 2007. http://www.cbc.ca/technology/story/2007/04/13/tech-facebookphishing-20070413.html

[6]

Dwyer, C., Hiltz, S., and Passerini, K.Trust and privacy concern within social networking sites: A comparison of Facebook and MySpace, Proc. 13th Americas Conf. Information Systems, Association for Information Systems, 2007.

[7]

ESPC/Ipsos, Email Survey Summary, December 2006. http://www.espcoalition.org/ESPC_Ipsos_Survey_Executive_Summary.pdf

[8]

Furnell, S. and Ward, J. Malware comes of age: The arrival of the true computer parasite, Network Security, 2004, 10 (October 2004), 11--15.

Digital Library

[9]

Gross, R. and Acquisti, A. Information revelation and privacy in online social networks (the Facebook case). ACM Workshop on Privacy in Electronic Society (WPES), ACM Press (2005), 71--80.

Digital Library

[10]

Hodge, M. The Fourth Amendment and Privacy Issues on the "New" Internet: Facebook.com and Myspace.com, Southern Illinois University Law Journal, Fall 2006.

[11]

Jackson, M. O. A Survey of Models of Network Formation: Stability and Efficiency, in Group Formation in Economics; Networks, Clubs and Coalitions, edited by Gabrielle Demange and Myrna Wooders, Cambridge University Press: Cambridge U.K., 2004.

[12]

Jackson, M. O. and Rogers, B. W. Meeting strangers and friends of friends: How random are social networks? American Economic Review 97 (2007), 890--915.

[13]

Jagatic, T., Johnson, N., Jakobsson, M. and Menczer, F. Social Phishing, Comm. ACM, 50, 10, (Oct. 2007).

Digital Library

[14]

Jakobsson, M. and Ratkiewicz, J. Designing ethical phishing experiments: a study of (rot13) ronl query features. In Proc. WWW '06, ACM (2006), 513--522.

Digital Library

[15]

Jones, H. and Soltren, J. H. Facebook: Threats to Privacy, MIT manuscript, December 2005. Available at http://www.swiss.ai.mit.edu/6095/student-papers/fall05-papers/facebook.pdf.

[16]

Lampe, C., Ellison, N., and Steinfield, C.A face(book) in the crowd: social Searching vs. social browsing, In Proc. CSCW, ACM Press (2006), 167--170.

Digital Library

[17]

Lampe, C. A., Ellison, N., and Steinfield, C. A familiar face(book): profile elements as signals in an online social network. In Proc. CHI'07, ACM Press (2007). 435--444.

Digital Library

[18]

Liam Tung, Social networking 'addiction' aids phishing, May 2007. http://www.zdnetasia.com/news/security/0,39044215,62027706,00.htm.

[19]

Newman, M. E. J., Forrest, S., and Balthrop, J. Email networks and spread of computer viruses, Physical Review E 66, 035101(R) (2002), 1--4.

[20]

Symantec, Report: Hackers Turning to Social-Networking Sites, September 2006.

[21]

Tsow, A., and Jakobsson, M. Deceit and Deception: A Large User Study of Phishing, Technical Report TR649, Indiana University, August 2007.

[22]

Von Ahn, L. and Dabbish, L. Labeling images with a computer game. In Proc. CHI '04. ACM Press(2004), 319--326.

Digital Library

Cited By

Srivastava AMishra R(2024)What is my privacy score? Measuring users’ privacy on social networking websitesElectronic Commerce Research10.1007/s10660-023-09796-0Online publication date: 1-Feb-2024
https://doi.org/10.1007/s10660-023-09796-0
Haq IQiu WGuo JPeng T(2023)Spammy Names Detection in Pashto Language to Prevent Fake Accounts Creation on Social Media2023 8th International Conference on Signal and Image Processing (ICSIP)10.1109/ICSIP57908.2023.10270845(614-618)Online publication date: 8-Jul-2023
https://doi.org/10.1109/ICSIP57908.2023.10270845
Patel N(2020)SOCIAL ENGINEERING AS AN EVOLUTIONARY THREAT TO INFORMATION SECURITY IN HEALTHCARE ORGANIZATIONSJurnal Administrasi Kesehatan Indonesia10.20473/jaki.v8i1.2020.56-648:1(56)Online publication date: 28-Mar-2020
https://doi.org/10.20473/jaki.v8i1.2020.56-64
Show More Cited By

Index Terms

Social networks and context-aware spam

Recommendations

Leveraging Social Networks to Fight Spam

Social networks are useful for judging the trustworthiness of outsiders. An automated antispam tool exploits the properties of social networks to distinguish between unsolicited commercial e-mail spam and messages associated with people the user knows.
Building social capital with Facebook: Type of network, availability of other media, and social self-efficacy matter^#
Highlights
- Type of friends affects building social capital via Facebook and traditional media.
Abstract
Findings about Facebook's effect on relationships are mixed, possibly due to lack of models that acknowledge differences across users, types of their friends, and use of competing media. To address this, we proposed and tested how ...
Rise of spam and compromised accounts in online social networks

Ever increasing fame and obsession for social networks has also coxswained a dramatic increase in the presence of malicious activities. As a result, various researchers have proposed different features and techniques to detect and reduce this menace. ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

CSCW '08: Proceedings of the 2008 ACM conference on Computer supported cooperative work

November 2008

752 pages

ISBN:9781605580074

DOI:10.1145/1460563

General Chairs:
Bo Begole
PARC, USA
,
David W. McDonald
University of Washington, USA

Copyright © 2008 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 08 November 2008

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CSCW08

Sponsor:

CSCW08: Computer Supported Cooperative Work

November 8 - 12, 2008

CA, San Diego, USA

Acceptance Rates

Overall Acceptance Rate 2,235 of 8,521 submissions, 26%

Upcoming Conference

CSCW '25

Sponsor:
sigchi

Computer-Supported Cooperative Work and Social Computing

October 18 - 22, 2025

Bergen , Norway

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

88
Total Citations
View Citations
2,401
Total Downloads

Downloads (Last 12 months)11
Downloads (Last 6 weeks)1

Reflects downloads up to 03 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Srivastava AMishra R(2024)What is my privacy score? Measuring users’ privacy on social networking websitesElectronic Commerce Research10.1007/s10660-023-09796-0Online publication date: 1-Feb-2024
https://doi.org/10.1007/s10660-023-09796-0
Haq IQiu WGuo JPeng T(2023)Spammy Names Detection in Pashto Language to Prevent Fake Accounts Creation on Social Media2023 8th International Conference on Signal and Image Processing (ICSIP)10.1109/ICSIP57908.2023.10270845(614-618)Online publication date: 8-Jul-2023
https://doi.org/10.1109/ICSIP57908.2023.10270845
Patel N(2020)SOCIAL ENGINEERING AS AN EVOLUTIONARY THREAT TO INFORMATION SECURITY IN HEALTHCARE ORGANIZATIONSJurnal Administrasi Kesehatan Indonesia10.20473/jaki.v8i1.2020.56-648:1(56)Online publication date: 28-Mar-2020
https://doi.org/10.20473/jaki.v8i1.2020.56-64
Talukder SCarbunar B(2020)A Study of Friend Abuse Perception in FacebookACM Transactions on Social Computing10.1145/34080403:4(1-34)Online publication date: 28-Sep-2020
https://dl.acm.org/doi/10.1145/3408040
Roshini Asai VChowdary SKommineni MH A(2020)An Efficient SecureU Application to Detect Malicious Applications in Social Media Networks2020 6th International Conference on Advanced Computing and Communication Systems (ICACCS)10.1109/ICACCS48705.2020.9074169(1169-1175)Online publication date: Mar-2020
https://doi.org/10.1109/ICACCS48705.2020.9074169
Gruss DKraft ETiwari TSchwarz MTrachtenberg AHennessey JIonescu AFogh ACavallaro LKinder JWang XKatz J(2019)Page Cache AttacksProceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security10.1145/3319535.3339809(167-180)Online publication date: 6-Nov-2019
https://dl.acm.org/doi/10.1145/3319535.3339809
Wang XZha XNi WLiu RGuo YNiu XZheng K(2019)Game Theoretic Suppression of Forged Messages in Online Social NetworksIEEE Transactions on Systems, Man, and Cybernetics: Systems10.1109/TSMC.2019.2899626(1-11)Online publication date: 2019
https://doi.org/10.1109/TSMC.2019.2899626
Liu BSun XNi ZCao JLuo JLiu BFu X(2019)Co-Detection of crowdturfing microblogs and spammers in online social networksWorld Wide Web10.1007/s11280-019-00727-423:1(573-607)Online publication date: 23-Oct-2019
https://doi.org/10.1007/s11280-019-00727-4
Mylonas P(2018)The Evolution of Contextual Information Processing in InformaticsInformation10.3390/info90300479:3(47)Online publication date: 27-Feb-2018
https://doi.org/10.3390/info9030047
Meyers JHansen DGiboney JRowe DAyers TZilora SGoda BBogaard D(2018)Training Future Cybersecurity Professionals in Spear Phishing using SiEVEProceedings of the 19th Annual SIG Conference on Information Technology Education10.1145/3241815.3241871(135-140)Online publication date: 14-Sep-2018
https://dl.acm.org/doi/10.1145/3241815.3241871
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents