Publication

SocialHEISTing: Understanding Stolen Facebook Accounts

USENIX Security Symposium


Abstract

Online social network (OSN) accounts are often more user-centric than other types of online accounts (e.g., email accounts) because they present a number of demographic attributes such as age, gender, location, and occupation. While these attributes allow for more meaningful online interactions, they can also be used by malicious parties to craft various types of abuse. To understand the effects of demographic attributes on attacker behavior in stolen social accounts, we devised a method to instrument and monitor such accounts. We then created, instrumented, and deployed more than 1000 Facebook accounts, and exposed them to criminals. Our results confirm that victim demographic traits indeed influence the way cybercriminals abuse their accounts. For example, we find that cybercriminals that access teen accounts write messages and posts more than the ones accessing adult accounts, and attackers that compromise male accounts perform disruptive activities such as changing some of their profile information more than the ones that access female accounts. This knowledge could potentially help online services develop new models to characterize benign and malicious activity across various demographic attributes, and thus automatically classify future activity.

Related Publications

All Publications

CODE - November 20, 2020

Privacy-Preserving Randomized Controlled Trials: A Protocol for Industry Scale Deployment (Extended Abstract)

Mahnush Movahedi, Benjamin M. Case, Andrew Knox, Li Li, Yiming Paul Li, Sanjay Saravanan, Shubho Sengupta, Erik Taubeneck

USENIX Security - November 11, 2020

Deep Entity Classification: Abusive Account Detection for Online Social Networks

Teng Xu, Gerard Goossen, Huseyin Kerem Cevahir, Sara Khodeir, Yingyezhe Jin, Frank Li, Shawn Shan, Sagar Patel, David Freeman, Paul Pearce

ACM IMC - October 28, 2020

Towards A User-Level Understanding of IPv6 Behavior

Frank Li, David Freeman

Interspeech - October 25, 2020

Hide and Speak: Towards Deep Neural Networks for Speech Steganography

Felix Kreuk, Yossi Adi, Bhiksha Raj, Rita Singh, Joseph Keshet

To help personalize content, tailor and measure ads, and provide a safer experience, we use cookies. By clicking or navigating the site, you agree to allow our collection of information on and off Facebook through cookies. Learn more, including about available controls: Cookies Policy