The SocialToo Blog

February 24, 2010

New Variant of “This You???” Worm Surfaces on Twitter

Filed under: Security,Status — Tags: , , , , , , — Jesse Stay @ 5:31 am

SocialToo has detected a surge in the number of phishing DMs in just the last few hours or so, all with the text, “This you???”, followed by many different variants of URL shorteners that all redirect to a domain ending in kevanshome.org (DO NOT CLICK! YOU WILL BE TAKEN TO A BEBO-LOOKING PAGE ASKING FOR YOUR BEBO CREDENTIALS – DO NOT LOG IN).

This new variant comes after a slew of phishing DMs over the weekend, all with similar text to this one that utilized a URL redirect service, redirecting users to a bzpharma.net URL asking users to log in with their Twitter credentials.  While we show little sign that the compromised accounts were fixed by Twitter, we did notice that particular variant seems to have stopped, and we have begun to detect some of those compromised accounts sending out Viagara ads in their stead utilizing the same domain name redirect scheme.

All SocialToo users that have either created at least one DM filter under their Preferences, or signed up for the DM e-mails should be protected from this new variant that just started early this morning.  We have blocked over 1,400 DMs so far from this specific variant.  We were able to detect this worm from the first DMs sent out (and have measures in place to automatically detect future variants).  Users that get DMs in other locations should still be suspicious.  While SocialToo deletes the malicious DMs from your account, not all Twitter clients check to see when DMs are deleted.  For this reason we recommend you turn on SocialToo DM e-mails and turn off Twitter’s DM notifications.  SocialToo users utilizing this service will never get a malicious DM from Twitter that we are able to detect.

SocialToo is not a perfect service – there may still be malicious DMs that get through our filters so we encourage all users to be cautious when receiving DMs with links in them.  Look over the domain in the link, verify that you know with absolute certainty that the URL is on twitter.com before providing your credentials.  A good rule of thumb is that if a link from a DM takes you to a Twitter login page, you should probably not provide your credentials.  Instead, manually type in the Twitter.com URL.

We are constantly finding new ways to protect your DMs from Twitter when you utilize the services we provide at SocialToo.  While our service does provide automation tools that increase the number of DMs for some users, these types of attacks often come from your closest friends and family.  No one can be trusted in this case, and we ask that you exercise caution amongst all DMs you receive.  This protection is intended for all users of SocialToo, whether you choose to automate or not – you just need to follow the instructions above to enable the feature.

As always, follow the @socialtoo account on Twitter for updates on the status of this worm and others.  We will also try to keep you updated on this blog as new worms surface.

September 3, 2009

SocialToo Extends War on Twitter Spam With One-Click DM Management

Filed under: Announcements — Tags: , , , , , , , — Jesse Stay @ 3:02 pm

A few weeks ago I pledged to provide more ways for you to filter the automated DMs you were receiving on Twitter.  For many, this annoyance has driven them to the point of completely unfollowing their friends (which SocialToo has a tool for).  To me, the ideal auto-follow tool should foster real-life relationships, and keep out the fake ones.  For many people, auto-following introduces too much clutter, and can reduce the quality of the real-life relationships you’re trying to build on the social networks.  One of our main focuses at SocialToo has always been to clean up the clutter.  That’s why, starting now, we’re launching some new tools around this that will help you remove the spam entirely from your inbox.

Today we’re declaring war on Twitter spam.

Introducing SocialToo DM E-mails

Starting right now, you can log into SocialToo.com by clicking on the “Sign in with Twitter” link on the home page. On your Preferences page you’ll see a few more options to help you combat spam on your Twitter account.  The first item we’re launching is a DM e-mail that can replace the DM e-mails you’re receiving from Twitter.  Here’s the cool thing about it: there’s nothing you need to do on your part to get it working! That’s right, no forwarding e-mails, and no changing anything in your Twitter preferences.  Simply check the box, “Send SocialToo DM e-mails” and include your e-mail address on your Preferences page on SocialToo, and the next DM you receive will come straight to your e-mail inbox.

socialtoo-dm-e-mail-preferences

Now, every DM e-mail you receive will enable you options to flag that DM as spam.  You’ll have the option to flag the sender as a spammer, auto-DMer, block the user, or just unfollow them.  You can even respond via public reply or DM, or even delete the DM straight from the e-mail!  Even more, when you mark a user as a spammer, a message automatically gets sent (via DM) to @spam on Twitter notifying them as well.  And now that they’re marked as a spammer, you’ll never auto-follow them again, and it will help others with the right preferences in SocialToo to avoid following them as well.

socialtoo-dm-e-mail-format

Should you later want to remove them from your spammers list,  just go to the “Lists” option in the left navigation on your Preferences page and you can remove and add people to your spammers and auto-DMers lists easily.  You can also whitelist anyone and we’ll never unfollow the people on that list on your behalf.  You may also want to enable the option, “Delete DMs when users are unfollowed, marked as a spammer, auto dmer, or are blocked from the DM e-mails” on your Preferences page – with that enabled, we’ll also delete each DM after you mark them as a spammer or unfollow them from the DM e-mails you get.

pointing-out-socialtoo-lists

Spam Filtering – the Perfect Complement to DM E-mail

DM E-mail from SocialToo is just one part of combating spam from those you follow, and discouraging the practice as you go. With this new feature, we’re also launching another new feature, automated spam filters, that will help you completely remove the spam and automated DMs you receive on Twitter.  Here’s how it works:

Log into SocialToo.com through the sign in with Twitter link and go to your Preferences tab.  On that tab towards the bottom you’ll see a new “Automatic DM Filters” section.  This, with the SocialToo DM E-mail, are your friend when it comes to stopping DM spam you receive on Twitter.

automatic-dm-filters

The way it works is that for every keyword or phrase (keywords and phrases are exact, so including a quote or punctuation will search for DMs with that quote or punctuation) you add to your DM filters, we’ll process that DM, apply the actions you select (unfollow, mark as spam, mark as auto-DM, delete) for the DMs that match that rule, notify @spam via DM if they’re a spammer, and they will not be included in the next e-mail you receive from us.  So, if you disable the DM E-mails you receive from Twitter in your preferences on Twitter.com and enable the SocialToo DM e-mail instead, you now have the potential to completely rid yourself of spam DMs from others, with little to no effort on your part.

So to get started adding filters simply click the “add keyword” link under your DM filters section on your Preferences page at SocialToo.com, enter a keyword or phrase you want to have it search for, set the actions you want to occur for that phrase, hit submit, and you’re done!  Some keywords I’ve set up include (without the quotes) “thanks for following”, “thank you for following”, and “You should send me a gift back”.  You can add as many of these filters as you like and we’ll stop each and every DM that meets those terms from entering your inbox.  I should also add that you do not have to auto-follow for any of the features we are launching today to work.  These features will work for anyone, and they’re 100% free!

Today is the day DM spam on Twitter stops for our users. We’re proud to play a part in that process at SocialToo.  This is only the beginning though.  We will continue to improve this process, listen to your feedback, and hopefully apply this to other networks you belong to as well in the future.  We’ll continue to find new ways for you to remove these DMs from your workflow.  If you have ideas, suggestions, or questions, we’re all ears.  And if you’re a developer we may be able to work with you as well to integrate these tools into your own product, perhaps enabling you to know before presenting DMs to a user if they pass a SocialToo spam test first.  The possibilities are endless!

I look forward to hearing your feedback.  These features are completely free.  If you do like what we’re offering though, we also provide a nightly report of who followed you and stopped following you within the previous day.  The cost is just a 1-time $20 charge for life, and you can turn it on or off any time you like.  SocialToo is your companion, and friend, to the social web.

Jesse Stay
CEO, SocialToo.com

August 2, 2009

There’s an App for That

Filed under: Announcements,Status — Tags: , , , , , — Jesse Stay @ 5:09 pm

Swiss Army KnifeHalf of SocialToo’s focus has always been to reduce the spam and clear out the noise for you on the Social Networks you belong to. Recently, a trend has been to unfollow everyone on your followers list and start fresh.  Many people are reporting this has cleaned up things for them and made their life much easier so they could more effectively listen to the conversation.  We support that decision – we are not an “auto-follow company”.  We’re an analytics and anti-spam through social tools company, so auto-follow is only one of the features SocialToo offers.  For those that want to unfollow everyone they follow, yes, there’s an app for that, too.

To unfollow everyone you follow, just go to your Preferences tab, make sure you’re logged into Twitter, and purchase the item, “Unfollow EVERYONE you’re currently following?”.  It’s a one-time only $25 charge and you can run it for free as many times as you want after that. In under 5 minutes, your entire list will be unfollowed.

unfollow all option

There’s more. If you like to auto-follow but don’t like auto-dms, we offer options for that as well.  If you see an auto-dmer, go to the “Unfollowing Preferences” link on your Preferences page, and be sure to blacklist them.  Then, enable the unfollow filters on that page to automatically unfollow those that meet your criteria for auto-dmers. Power by the masses will keep the auto-dmers out.  In addition, we’ll automatically send a request on your behalf to TweetLater’s @optmeout to keep their auto-dms from hitting your inbox if you select the checkbox on your Preferences page.  Anyone you don’t want it to unfollow, just add them to your whitelist.

Of course, you’ll want to tell others about this so more people are marking spammers and auto-dmers as such. Please send out a Tweet to your followers, letting them know about these features and maybe pointing them to this blog post.  In addition, starting today, we launched a way for you to invite your Facebook friends as well.  If you are logged in via Facebook (just click the connect via Facebook button), you’ll see an “Invite Friends” link at the top.  Click that any time and you’ll be presented with a list of all your Facebook friends, giving you the option to invite them to use SocialToo.

Invite friends

Starting this week, I’m going to be focusing on even better filters for SocialToo auto follow.  Expect to see filters around allowing you to auto-unfollow people that DM you with DMs that contain certain keywords.  Expect to see ways to auto-unfollow people with certain keywords in their bio, or with default avatars, or even with certain words in their username.  It’s time to put an end to spam on Twitter, and SocialToo is going to do all we can to help you out in this process.  Yes, we have an app for that, too.

Jesse Stay
CEO, SocialToo.com

June 1, 2009

Cut Down on Spam With Lists and Filters on SocialToo

Filed under: Announcements — Tags: , , , , , , , , — Jesse Stay @ 3:51 pm

SpamWe’ve talked here before about SocialToo’s commitment to providing you with a much cleaner experience on the Social Networks you belong to. We’ve provided an opt out of auto-dms through perhaps the largest source of these, TweetLater (and we thank them for providing that tool!). We’ve enabled you to blacklist people you don’t want us to ever follow on your behalf. We’ve enabled you to automatically unfollow those that unfollow you on Twitter. We’ve also enabled you to just unfollow those that unfollow you within a given number of days on Twitter.

Today I’d like to take that a little further. Starting now, you can log into SocialToo, click on the Preferences tab, and click on “Unfollowing Preferences” in the left navigation menu. You’ll notice your blacklist has moved there, along with 2 new lists. The first list, a whitelist, enables you to specify individuals you want to be sure we never unfollow for you. Consider this your “favorites” list – trust me, this will become even more useful very shortly, but for now it means even with auto-unfollow on or any of the filters or blacklisting on, we’ll never unfollow the people in that list.

Unfollowing Preferences

The second new list is an “auto-dmers” list. We want you to use this. This is your list, and only applies to you – we can’t make this decision for you. If you’re as annoyed with automatic direct messaging on Twitter as many on Twitter are getting, we’ve provided you a way to ensure these users are unfollowed, identified, and never followed again until they’re removed from the list. Why not just unfollow them, you may be asking?

Here’s the reason. When you add someone to your auto-dmers list, we give those users a score. The higher the score, the more users have been annoyed by their activity. We can’t tell 100% that these people are manually or automatically sending these, so we have to go by you, the user’s annoyance level. If they annoy you enough to unfollow them, we think that warrants an increase in their auto-dm score. We’ve done the same with your blacklist. The more people that blacklist an individual, the higher their “spam score”. This is an anonymous score that only we know, and is entirely controlled by our users. We have no control as to what goes into this list.

Now here’s the fun part. You’ll notice above those 3 lists a few new filters. You still have the ability to unfollow those who unfollow you, unfollow those who unfollow you in a given number days after they follow you, or do nothing at all with those unfollowers. However, we’ve added 2 new filters that I think are very powerful, especially the more people use them and populate their lists.

Now, if you check the boxes, “Never follow if friends have a spam score greater than [3]” or “Never follow if friends have an auto-dm score greater than [2]” we do some additional magic. If someone has been blacklisted by greater than 3 people on SocialToo (you can change this number), we’ll automatically unfollow them for you and never follow them again. If someone has been marked as an auto-dmer by more than 2 people (you can also change this number), we’ll automatically unfollow them for you and never follow them again as well. Change the numbers, and we’ll follow and unfollow accordingly.

We’ve just given complete control to you, the user, to determine who on Twitter is a spammer, and who is not. We’ve even automated the process for you and you can now choose to only follow those other users have not considered to be spamming, or auto-dming (assuming you consider that is spam) on Twitter. Have an exception to the rule? Just add them to your whitelist!

We have several more announcements this week we’ll be rolling out shortly so please stay tuned to this blog as we announce them. Most of all, we need your help spreading the word to get as many people populating these lists as possible so the system becomes as useful as can be. It’s 100% free so please fill out your lists, set your filters, and enjoy as your spam loads go down significantly. Most importantly, spread the word!

UPDATE: The blacklist, auto-dm list, and whitelist features are now under a sidebar link called “Lists”.  We have moved the rest of the unfollowing preferences under the main “Preferences” tab.

March 5, 2009

Stop the Robots With @endautodms

Filed under: Announcements,Security — Tags: , , , , — Jesse Stay @ 4:32 pm

#EndAutoDMI am brainstorming daily new ways to enable our users to get rid of the spammy behavior on Twitter and focus on what Twitter is about – communication. Because of this, we killed the service. As we mentioned earlier, we have taken a 180 and have decided auto-DMs have gotten out of control. If you’re a SocialToo user and this is the first you’re hearing of this I encourage you to check out that article and see why we’re doing it. Now our entire focus is on making Twitter less spammy, more secure, and a nicer place to communicate and network with others.

Starting today, we’re launching a new, completely public Twitter user, sponsored by SocialToo, which you can notify of auto-DMs or spammy behavior on Twitter. If you notice someone sending auto-dms to you, or are just plain spammy or robotic, send their username to @endautodms (note the “s”). The format of the Tweet should be like this (most importantly, it should include “@” followed by the screen name of the spammer):

@endautodms @spammyspammy is showing robot-like behavior

You can just inlcude the screen name, or the reason they’re being spammy. Our combination of human and automated review of these (a human will always play a part) will verify they are spammy, and @endautodms will follow them. Everyone @endautodms follows is deemed a spammer by our review process.

Anyone can use this list for their own apps if you like, but on SocialToo over the coming days we’ll be working to incorporate new ways to allow users to choose not to auto-follow the users that @endautodms follows. In addition, we’ll probably also provide a whitelist, finally enabling users to actually “opt-in” to receiving dms from specific users.

If you find your name on “the list”, please DM @endautodms with your intentions to stop or explanation (we won’t be convinced that auto-dms are good, so don’t even try), and we’ll remove you from “the list”. However, 3 strikes and you’re out. If we continue to get recommendations after you say you’ve stopped the 3rd strike guarantees permanent placement on “the list”.

Here’s to a much cleaner SocialSphere. Let’s do what we can to #endautodm!

January 10, 2009

Fight Twitter Spam With Unfollow Filters

Filed under: Announcements — Tags: , , , , , — Jesse Stay @ 5:22 am

At SocialToo, my biggest priority is to do all that we can to make Twitter a better, more “social” place for you.  Our goal is to do all we can to enable you to focus on connecting with your friends and building relationships, while we handle the rest.  Unfortunately, with those that abuse the system and seek to solely focus on gaining followers, it gets harder to do so.

One of the most heavily-used techniques for gaining followers by spammers is to follow people on Twitter, then, quickly unfollow them once those people auto-follow them back.  Some people do this via services like SocialToo.com, while others do it manually, but regardless, it’s easy to gain a lot of followers you could potentially target for spam in the future using this technique.  I’ve referred to this flaw in Twitter’s system a “free no-reply address” given to each user that joins Twitter.

Last week we launched a feature enabling you to block automatic DMs from other SocialToo accounts.  Through this feature, only those that want to receive auto-generated DMs will receive them, providing more targeted marketing, and less unwanted messages for those that are annoyed by the feature.  Tonight, I’m proud to announce a new feature that will further this effort to ward off spam on Twitter. I think this is game changing.

Starting tonight, if you log into your SocialToo.com account and click on the “Admin” tab, you’ll see a new link on the left titled, “Unfollowing Preferences”.  You still have the usual features of being able to unfollow all those that unfollow you, or just leave them alone, but we’re adding one new feature.  Now, if you opt to enable it, you can specify that we unfollow anyone who unfollows you within the first “x” number of days after they follow you.  We default this to 1, as that is common for spammers, but you can fine-tune it for your needs.

Also starting tonight, we are defaulting this to “on” for all new SocialToo.com users in an effort to further fight these types of spamming efforts on Twitter.  Existing users will keep their existing settings, so please go in and adjust this if you are already a user.  We plan on expanding this even further in the future with some free, and possibly some premium features, but now you can feel safe that, so long as you and your friends are on SocialToo, Twitter will be a less-spammy place!  So go out and invite your friends, encourage them to switch to SocialToo.com to discourage these spammers from using this technique. The more of you that use SocialToo, the more effective we will be at fighting this technique!

Photo Credit: freezelight

Powered by WordPress