Over the last few days, Twitter spammers urged me to find out Louis Tomlinson‘s phone number, hear a leaked version of One Direction‘s new album, and get a free iPhone.
What’s notable is that these spammers weren’t sending tweets or direct messages: They added me to Twitter lists to indirectly point me, and thousands of others, towards spam sites.
Lists are typically used to organize Twitter users into more distinct groups. You might have separate lists for celebrities, colleagues, and friends, which allow you to monitor several different verticals at the same time through tools like TweetDeck. A few months back, Twitter increased the number lists each user can have from 20 to 1,000, and the maximum number of accounts in each list from 500 to 5,000.
While not entirely new, as noted by BuzzFeed‘s Charlie Warzel, it’s a capability that’s now being abused by spammers, who are adding users to lists populated with links en masse. Each time you’re added to a list, you get a notification on Twitter and perhaps via email. Naturally, you’ll be keen to find out why you were added to the list and, spammers hope, click their links.
One of the biggest offenders in the current wave was an account called Celeb Phone Numbers. Before Twitter suspended it, the account automatically added tens of thousands of users to lists. It promised to reveal the phone numbers for stars like One Direction singer Tomlinson and Lady Gaga through an associated website.
Warzel reported the person behind the Celeb Phone Numbers account used a Twitter keyword marketing tool to find people who’d tweeted about those stars and added them to its lists. That person shared their finding on marketing forums, spurring other spammers to try the tactic. The spammers make money if you complete surveys or view ads on their sites.
The Celeb Phone Numbers account added me to two lists Sunday, and I immediately reported it for spam, as did others.
Dear GTA V Twitter bots, keep fav/following/add me to list. reporting you for spam is fucking fun
— Jason Brown (@jbnet211) September 16, 2013
you cant spam add me to your list now can u pic.twitter.com/sStoEvemkE
— katie (@seasidenouis) September 15, 2013
IF SOMEONE ADDS YOU TO A LIST CALLED MIDNIGHT MEMORIES LEAKED REPORT THEM BC SPAM
— oo kill em (@niallwifinpizza) September 16, 2013
Twitter is fighting a war against spammers. A study published last month showed how vendors created thousands of phony accounts and sell them to spammers wholesale. Twitter is adding the researchers’ methods for finding such accounts into its abuse detection systems. Tracking down and killing spam accounts is a high priority as the company prepares to hold an initial public stock offering.
H/T BuzzFeed | Photo via brittneyatambeau/Flickr