Spam spreads much faster and to more people when it is being propagated by hacked, or otherwise compromised, email accounts rather than legitimate accounts, according to research published in the International Journal of Security and Networks. The insight should help those modeling the dynamics of information diffusion as well as those hoping to track and trace spam with a view to slowing or blocking its propagation. Spam traditionally contained ads for fake or counterfeit products, but currently also contains disruptive rumors and information of a political nature.
Ghita Mezzour and Kathleen Carley of Carnegie Mellon University, Pittsburgh, Pennsylvania, USA, explain that spammers often use hacked accounts to spread spam. Spam sent from hacked accounts is often given more credence than anonymous spam or spam with an obviously scurrilous or scandalous source. This is by virtue of the spam coming from someone the recipient may know via the hacked account’s address book. In some cases, the recipients believe the spam content is correct and forward it to their friends who may, in turn, forward it to their friends. Large numbers of accounts are hacked (or hijacked) through malicious software (malware) or by guessing passwords with the purpose of using them as hosts for sending out vast numbers of spam messages. However, modeling the spread of this kind of information usually assumes that the source is a human deliberately sharing the information.
The team has found that modeling the behavior of hacked accounts results in spam diffusion dynamics different from what work on information diffusion has predicted. Hacked accounts tend to more aggressively send spam, partly because deliberately, individually propagated spam is done manually, whereas hacked spam is more commonly generated automatically by the malware that has infected the account in the first place. This aggressive behavior of hacked accounts causes spam to reach more people faster. The online equivalent of word-of-mouth is powerful when a message is repeatedly and forcibly sent to one’s inbox. Today’s social networking sites are plagued by malicious accounts that behave aggressively and differently from humans. Understanding and modeling the effect of the behavior of these accounts is important to reducing spam and attacks on social networking sites.
Mezzour, G. and Carley, K.M. (2014) ‘Spam diffusion in a social network initiated by hacked e-mail accounts’, Int. J. Security and Networks, Vol. 9, No. 3, pp.144–153.