Thank you Herkimer Elementary for a Twitter spam case study

As my Twitter followers and other friends will know, I actively campaign against balloon releases — they litter, and harm wildlife.

This post isn’t about that, but about something odd which I discovered while doing so.

Each day, I search Twitter for people who are planning a balloon release, and politely ask them not to do it. A sufficient number to make this worthwhile, oblige.

About a year or so ago, give or take, I saw a tweet, the URL of which I have long since lost track of, saying:

Thank you Herkimer Elementary for a beautiful balloon release. Headed to Slavic Pentacostal Church.

(Both venues are in Herkimer, New York, USA, if you wondered.)

But then a while later, I saw exactly the same text tweeted by someone else. Then again by another account, a few days later, then again. This went on, week after week. Gradually, the frequency increased, and now at any time there are hundreds of recent tweets with that text:

https://twitter.com/charolettetm/status/292294397670850561

https://twitter.com/lashernndshane/status/292287884197773312

https://twitter.com/janinemccormi/status/292286193079566336

https://twitter.com/trishadicksonuk/status/292270073828212737

https://twitter.com/lavelleboothjnu/status/292224663940128768

You can try the ‘Herkimer Elementary beautiful balloon release’ search yourself.

If we examine one of the accounts tweeting that, say @janinemccormi (picked at random), we can see he’s tweeted other things:

https://twitter.com/janinemccormi/status/291091194732244993

https://twitter.com/janinemccormi/status/289943029542961152

(Interestingly, a Google image search shows that @janinemccormi’s avatar is shared with @sanevekaxu7, whose account is suspended.)

Those messages have each been tweeted by lots of other people:

https://twitter.com/AugustaGriffit9/status/292298948205502465

https://twitter.com/ChristyFry7/status/292288707422220290

https://twitter.com/GustavoMcclain/status/292285011686723585

https://twitter.com/lawanavdqplaza/status/292249058641338368

https://twitter.com/RenaldoJames2/status/292231467197661184

(‘ASOS Topshop killlllllllling meee’ search).

and again:

https://twitter.com/darcijvgsledfor/status/292313158306111489

https://twitter.com/ErickStephenso2/status/292137319039893504

https://twitter.com/LillianRogers18/status/292135322765103104

https://twitter.com/YolandePowell/status/292116140837191680

(‘preciso sair e passar nos outros fcs ‘-‘ beeijos.’ search).

And so it goes on: hundreds of identical tweets, from accounts making hundreds of other duplicate tweets. You’ll be able to find plenty more examples.

Now, at the risk of casting aspersions on innocent bystanders, I think it’s safe to assume that those are not genuine accounts (or if they are, they’re compromised).

If I were Twitter, I’d be looking into this and suspending some accounts. A lot of accounts.

About Andy Mabbett

Enjoying my freelance career, helping organisations to understand on-line communities, open content, and related issues; often as a Wikimedian (or Wikipedian) in Residence.
This entry was posted in Twitter and tagged , , . Bookmark the permalink.

11 Responses to Thank you Herkimer Elementary for a Twitter spam case study

  1. Hanan Cohen says:

    What do you assume they want to gain? It’s haven’t seen any link in those accounts.

    Maybe those are the Twitter equivalent of the Number Stations?

    • Andy Mabbett says:

      Who knows? Perhaps they’re the kinds of followers one can buy by the thousand?

      At the very least, those accounts seem to be guilty of serial copyright violation.

    • Philip John says:

      I see this all the time on my searches.

      Simply, it’s a way for spammers to make their spammy accounts look real. By copying the content of other tweets and adding that to a database of tweets from which their spambots can randomly select, they make themselves appear completely legitimate.

      The tweets have been written out by a real human being so in isolation they can’t be separated from auto-generated foobar, making algorithmic detection very difficult.

      You might think that they could pick up many accounts tweeting the same thing. In fact, Twitter already stops you from tweeting the same thing again within a short timeframe. However, with an estimated 5,000+ tweets sent every *second* picking out the minute fraction of those that are the same is going to be very difficult. Not only that but as the tweets Andy has found show, these can be spread over several minutes or days. I’ve seen one particular tweet repeated occasionally over several months.

      Sometimes, if I need a break from real work, I might sit there and report a bunch of them, but that’s about as useful as pissing into the wind in reality.

  2. I’ve seen this before, plenty of times. It’s more than just common practice, it’s an epidemic. Twitter must be aware of the problem.

    I suspect they see it as a low priority because if I you and I can read the behaviour patterns, they must also be able to, and so far they’ve done nothing (besides introduce that futile ‘report for spam’ button).

  3. One that I’ve been affected by recently is a set of accounts re-posting a comment from someone that was an @-reply to me. I mark all as spam, but for reference I’ve left this example alone. I’ve had about twenty so far, averaging one every couple of days.

  4. ds says:

    Though it might seem a bit of a tangent, the comedian Dave Gorman talked about this very issue on his show Modern Life is Goodish a couple of weeks ago. His commentary on Twitter spam and the techniques used by organisations who provided Twitter followers for money was pretty clear, and funny of course. Twitter must know about this stuff, but choose to turn a blind eye, it seems.

  5. Andy Mabbett says:

    Update: As of today, it seems many of the accounts I described have been suspended.

Leave a Reply

Your email address will not be published. Required fields are marked *


e.g. 0000-0002-7299-680X