On Thursday, October 3rd, Twitter released its S-1 filing prior to its initial public offering. Interestingly, the filing included thirty two pages of risk factors, almost 50% more than Facebook, Groupon, and Google. Among those risk factors, "spam" is mentioned 27 times, and considerable attention is also paid to fraudulent user accounts.
On Friday, Impermium appeared on "Bloomberg West" to discuss these cybersecurity risk factors. In the segment, entitled "Twitter's Strategy to Counter Spam, Cyberattacks," I discussed the many factors making Twitter attractive to spammers-the broad-based distribution, the real-time nature which makes filtering difficult, the novelty of the platform relative to e-mail-as well as the challenges in cleaning up this malicious traffic.
In its filing, Twitter admits to up to 5% of users being fraudulent; some independent researchers have also weighed in on how many tweets are automated rather than created human activity. In the segment, we also discussed how challenging it can be to reduce fraudulent signups-sites have a paucity of data and a very narrow margin for error-and how challenging it can be to identify the fraction of accounts that are fraudulent in nature.
None of these problems is limited to Twitter, and in fact, Twitter has made admirable advances in recent months; nevertheless, every site on the Internet today must contend with these challenges. The reality of the modern age is, with every innovation online, criminals and attackers will find ways to subvert it to their own purposes; only by continual investment in a broad-based, continual risk calculation can we keep them in check.