Twitter details new steps to fight spam and malicious automation issues


Twitter logo

Twitter today has shared four new steps that it is taking to address spam and malicious automation issues; reducing the visibility of suspicious accounts in Tweet and account metric, improving the signup process, auditing existing accounts for signs of automated signup, expansion of our malicious behavior detection systems.

Twitter says that a common form of spammy and automated behavior is following accounts in coordinated, bulk ways. Since the company couldn’t act upon it right at the moment all the time, that is why it is now updating account metrics in near-real time. For example, the number of followers an account has, number of likes or Retweets a Tweet receives. The company will now remove such accounts from follower figures and engagement counts until it passes a challenge, like confirming a phone number.

It will also display a warning on read-only accounts and prevent new accounts from following them. If the account passes the challenge, the account will be restored. With an aim to make it harder to register spam accounts, Twitter is going to require new accounts to confirm either an email address or phone number when they sign up on Twitter. However, this will be rolling out later this year.

Twitter is also planning on taking imminent action to challenge a large number of suspected spam accounts that it caught as part of an investigation into misuse of an old part of the signup flow. These accounts are mostly following spammers who in many cases appear to have automatically, or bulk followed verified or other high-profile accounts. This change will result in a drop in followers count, however, they will be restored once they pass the ownership test.

Finally, the company is also automating some processes when it identifies any suspicious account activity, like exceptionally high-volume tweeting with the same hashtag, or using the same @handle without a reply from the mentioning the account. These tests vary in intensity, and at a simple level may involve the account owner completing simple reCAPTCHA process or a password reset request.

Source