It Doesn't Matter How Many Twitter URLs Are Malware... Only If People Are Clicking
from the misleading-with-stats dept
Security companies love using stats to make something appear to be a bigger problem than it really is. Take for example this claim that links to malware are "abundant" on Twitter. The problem is that this is totally meaningless. Because you only see the tweets of people you follow, if spammers are putting up malware links, it only matters if anyone's following them and then clicking on the links. The number of links that point to malware alone is meaningless, because one "spammer" could just post a ton of malware links, but that won't mean a thing if no one is following them. The real question should be how often are people getting malware because of clicks on Twitter. Unfortunately, that data isn't provided.Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
Investigative journalism starts at home, right?
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
well, 2 things here
2: sometimes people will look at a user to see who they follow to see if they have others of interest, this potentially leading to bad links.
meanwhile, it's very very easy to tell a bad link versus a legit twitterer, the bad link twitters are the same as bad ads: make money working from home, etc etc
[ link to this | view in thread ]
Not sure what the issue is here, Mike...
Unnecessary knee-jerk?
[ link to this | view in thread ]
Re: well, 2 things here
I can't imagine ever setting Twitter to auto-follow anyone who follows me. In fact, I take it a step further and block followers who are clearly marketers/spammers.
Frankly, I have enough trouble keeping up with the list of people who I *do* want to hear from... I can't imagine having to wade through remarkable marketing opportunities and clearance-priced 'Rolecks' ads as well.
In summation: let's stop calling auto-follow "common courtesy". Yes, perhaps it was nice back in the garden of eden days of Twitter, but it's just going to make it a useless marketing/spamming wasteland.
[ link to this | view in thread ]
How douse this work?
That's 1 of 500 or 0.2% of all addresses posted on twitter.
"About 26 percent of Twitter messages contain a URL"
so now it's 0.05%(?) of all Twitter messages are malware.
"About half of those appear to be generated by spammers or by people with malicious intent, he said."
And now it's 13% of all twitter messages are malware?
Note: These three quotes are copied in order from the Wired article's first four paragraphs.
[ link to this | view in thread ]
Re: Not sure what the issue is here, Mike...
The number of messages with malware links being sent out on twitter is useless as they have studied it because it does not represent the number of those links that actually get to people. If nobody follows the malware spammer, sending the url a million times increases this stat but is no more damaging than not sending the messages at all.
If you only follow reliable, trusted people on Twitter, I would bet the percentage of malware links you get is zero.
The article is somewhat like counting the number of sharp sticks in the wooded areas of Vermont and then saying that it is dangerous to walk there because it is full of sharp sticks. Great, but since the majority of the population is walking on streets, sidewalks, and their neighbor's lawn, it tends to be less dangerous than these statistics indicate.
[ link to this | view in thread ]
It's not meaningless...
The malware authors are not counting on people stumbling into their tweets or following them : now instead of giving directly their malware link in the spam they send, they're giving the link to the tweet with the malware link. People are much more likely to follow a link in a mail or a blog comment to a well-known site such as twitter than to click on a link to randomdomainname.cn, and because twitter is usually not identified as a security risk they're quite likely to click on the link on the tweet (link wich can be further obfuscated by using a URL shortening service).
Such Twitter links are also a lot more difficult to automatically filter by security systems.
[ link to this | view in thread ]
I bet a few..
I did a test. I did a bit.ly url to example.com, and posted a tweet saying "don't click this link if you see it, it's malware" then posted the linnk. Out of my 350 followers, 15 clicked it within 30 seconds of being posted.
Based on all of the above, I bet quite a few people are actually visiting the malware sites - but certainly not as many as security companies claim.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
What? That's entirely different. Spam and scam links are clicked because people are tricked into it, and it's dangerous for them. The telephone arbitrage scams have nothing to do with tricking people are doing harm to them.
[ link to this | view in thread ]
Re: Re: Re: Re:
Got it.
[ link to this | view in thread ]
Re: well, 2 things here
In response to your two points:
1: people should not blindly follow others merely out of common courtesy. An autofollow bot (didn't know they existed) is just plain silly unless you are trying to farm for others to follow. Well, that's just plain silly too.
If you follow blindly, you are asking for trouble. If Hannibal Lecter (sp?) were to come by uninvited for tea and I give him that tea, fine. If I then go to his place for tea out of common courtesy, it would be my own fault that I am placed on his next menu.
2: I agree, but just like the web as a whole, one must click on links mindfully. I don't open every email. I don't click on every link. There are tell-tale signs of inappropriate links. People need to be more cognizant of those signs and act accordingly.
In both cases, common sense should prevail. Unfortunately, although people use common sense in the real world and manage to survive, on the web, people tend to ignore the fact that there are people with malicious intent. Ignorance is never bliss.
[ link to this | view in thread ]
Re:
As I've pointed out before (along with Kaspersky's numbers contradicting themselves) there are as few as 0.05% of Twitter posts that include links to malware sites (or as much as 13% depending on the paragraph you're reading). These numbers not only don't include how many are actually clicked but don't include the number of clicks that are blocked by anti-malware software.
These numbers are truly worthless and are blown more out of proportion by the company trying to sell you the solution.
[ link to this | view in thread ]
Re: How does this work?
"About 26 percent of Twitter messages contain a URL"
There is no mention that these are links to malware only that they are links... so it is 26% or 260 in every 1000
"About half of those appear to be generated by spammers or by people with malicious intent, he said."
Again no mention that these are all links to malware so again this is only 13% or roughly 130 in every 1000 messages are from spammers or by people with malicious intent.
However it was initially stated that in 1000 tweets there are 2 posts that are linked to malware. So in every 130 spam posts only 2 of them contain a link to malware.
Roughy 1.5% of the tweets from spammers or by people with malicious intent contain links to malware.
[ link to this | view in thread ]
Re: Re: Not sure what the issue is here, Mike...
I might complain that the article seems more like advertising for Kaspersky, which seems to get a lot of coverage lately.
However, once again, the article seemed to advise caution while using the trending tools to look into hot topics, not so much to stop trusting those you know and follow or to stop using Twitter.
In the end it should be no news to those already using restraint with e-mails and links, the same logic applies on Twitter, as others have pointed out here.
However, there are still plenty of gullible people out there opening malware e-mails, so it follows that an occasional cautionary article about targeted services is appropriate and worthwhile.
I don't see why the content of this article is any kind of issue at all. And as for the misuse of statistics, I'm still not seeing it in this case.
[ link to this | view in thread ]
Dear twitter...
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Heh
[ link to this | view in thread ]
Re: Re: How does this work?
1 out of 500 URLs point to malware (or .2%) and 26% of all twitter posts have URLs so .2% of 26% is .052%. 13% of all twitters (or half of the 26%) are from spammers or malicious people.
So we have two numbers here, 0.052% of all twitters point to malware and 13% of all twitters have bad URLs.
All these numbers are still kinda worthless without knowing the percentage of people that fall for them.
[ link to this | view in thread ]
There may be extensions for this, but it would be a good idea to include this in the browser itself. Then one can see the link and decide if the website is trustworthy.
[ link to this | view in thread ]
Re: well, 2 things here
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]