Over the last few days, Twitter spammers have been urging users to find out Louis Tomlinson’s phone number, hear a leaked version of One Direction’s new album and get a free iPhone.
What’s notable is that these spammers weren’t sending tweets or direct messages. Instead, they made use of Twitter’s list function, adding people to various lists and indirectly pointing thousands of users toward spam sites.
Lists are typically used to organize Twitter users into more distinct groups. You might have separate lists for celebrities, colleagues and friends, which allows you to monitor several different streams at the same time through tools like TweetDeck. A few months back, Twitter increased the number of lists each user can have from 20 to 1,000 and the maximum number of accounts in each list from 500 to 5,000.
While not entirely new, as noted by BuzzFeed’s Charlie Warzel, it’s a capability that is now being abused by spammers, who are adding users to lists populated with links en masse. Each time you’re added to a list, you get a notification on Twitter and perhaps via email. Naturally, you’ll be keen to find out why you were added to the list and, spammers hope, click their links.
One of the biggest offenders in the current wave was an account called Celeb Phone Numbers. Before Twitter suspended it, the account automatically added tens of thousands of users to lists. It promised to reveal the phone numbers of stars like One Direction singer Tomlinson and Lady Gaga through an associated website.
Warzel reported the person behind the Celeb Phone Numbers account used a Twitter keyword marketing tool to find people who had tweeted about those stars and added them to its lists. That person shared their finding on marketing forums, spurring other spammers to try the tactic. The spammers make money if you complete surveys or view ads on their sites.
The Celeb Phone Numbers account was immediately reported as spam by many users Sunday night:
you cant spam add me to your list now can u pic.twitter.com/sStoEvemkE
— katie (@seasidenouis) September 15, 2013
Twitter is fighting a war against spammers. A study published last month showed how vendors created thousands of phony accounts and sold them to spammers wholesale. Twitter is adding the researchers’ methods for finding such accounts into its abuse-detection systems. Tracking down and killing spam accounts is a high priority as the company prepares to hold an initial public stock offering.
Image: Andy Melton
