Cashtag piggybacking: uncovering spam and bot activity in stock microblogs on Twitter

Microblogs are increasingly exploited for predicting prices and traded volumes of stocks in financial markets. However, it has been demonstrated that much of the content shared in microblogging platforms is created and publicized by bots and spammers. Yet, the presence (or lack thereof) and the impact of fake stock microblogs has never systematically been investigated before. Here, we study 9M tweets related to stocks of the 5 main financial markets in the US. By comparing tweets with financial data from Google Finance, we highlight important characteristics of Twitter stock microblogs. More importantly, we uncover a malicious practice - referred to as cashtag piggybacking - perpetrated by coordinated groups of bots and likely aimed at promoting low-value stocks by exploiting the popularity of high-value ones. Among the findings of our study is that as much as 71% of the authors of suspicious financial tweets are classified as bots by a state-of-the-art spambot detection algorithm. Furthermore, 37% of them were suspended by Twitter a few months after our investigation. Our results call for the adoption of spam and bot detection techniques in all studies and applications that exploit user-generated content for predicting the stock market

Emerging Phishing Trends and Effectiveness of the Anti-Phishing Landing Page

Each month, more attacks are launched with the aim of making web users believe that they are communicating with a trusted entity which compels them to share their personal, financial information. Phishing costs Internet users billions of dollars every year. Researchers at Carnegie Mellon University (CMU) created an anti-phishing landing page supported by Anti-Phishing Working Group (APWG) with the aim to train users on how to prevent themselves from phishing attacks. It is used by financial institutions, phish site take down vendors, government organizations, and online merchants. When a potential victim clicks on a phishing link that has been taken down, he / she is redirected to the landing page. In this paper, we present the comparative analysis on two datasets that we obtained from APWG's landing page log files; one, from September 7, 2008 - November 11, 2009, and other from January 1, 2014 - April 30, 2014. We found that the landing page has been successful in training users against phishing. Forty six percent users clicked lesser number of phishing URLs from January 2014 to April 2014 which shows that training from the landing page helped users not to fall for phishing attacks. Our analysis shows that phishers have started to modify their techniques by creating more legitimate looking URLs and buying large number of domains to increase their activity. We observed that phishers are exploiting ICANN accredited registrars to launch their attacks even after strict surveillance. We saw that phishers are trying to exploit free subdomain registration services to carry out attacks. In this paper, we also compared the phishing e-mails used by phishers to lure victims in 2008 and 2014. We found that the phishing e-mails have changed considerably over time. Phishers have adopted new techniques like sending promotional e-mails and emotionally targeting users in clicking phishing URLs

The role of information systems in the prevention and detection of transnational and international crime

© Cambridge University Press 2014. All around the world criminal activity remains at the forefront of governmental concerns, not only as a problem that distorts the very fabric of society within the confines of national jurisdictions, but also as a problem that cuts across national borders to exhibit a global dimension. The international dimension of criminal activity remains critical and is generally characterized by a complexity that is unique and requires action on many different levels. Criminals set out to mask their illegal activities and deliberately generate complexity as a means of concealment. In doing so, they exploit new developments in technology that assist them in achieving their ends. This criminality exhibits forms of innovation that stretch far beyond traditional criminal activity (e.g., drug and human trafficking) and manages to attach itself within the broader fabric of society by exploiting the very latest developments. This evolution is necessary as criminals seek not only to escape arrest, prosecution and conviction, but also to enjoy the fruits of their criminality (mostly financial gains). Thus, they seek to develop ways of exploiting the various diffuse norms of social interaction (e.g., trust), financial modes of conduct (e.g., cash-based economies), technological and communication developments (e.g., Internet), and thereby minimize the possibility for detection. By limiting the resources that can be made available for prevention (or making them obsolete when developing new criminal behaviour), they participate in this co-evolution actively; and this they achieve by generating complexity