See how cybercriminals craft collective attention threats—and how university researchers plan to get the word out before attacks start.
Dr. James Caverlee, an associate professor in the department of computer science and engineering at Texas A&M University, has a dream. He wants to create an internet world where cybercriminals can no longer rely on collective attention threats to lure people into becoming victims of digital crime.
What is collective attention and why is it a threat?
So what is collective attention? It is a recent phenomenon when, for whatever reason—breaking news, a video, or possibly a tweet posted on a large-scale social media system like YouTube or Twitter—captures the attention of thousands if not millions of internet denizens. A possible explanation as to why this happens is that we humans, thanks to our social and cognitive makeup, are more likely to trust information gleaned from our social circles than from mainstream venues, and online social-media outlets are now becoming our social circles.
This digital "perfect storm" is not lost on cybercriminals, who craft online threats—phishing emails and/or malicious websites (Figure A)—related to viral (aka collective attention) social media events to phish unsuspecting victims whose only mistake is being interested in a trending piece of internet news, video, or tweet.
Caverlee's prior work
Early in 2017, Caverlee and his team began building a threat-awareness platform that would serve as an early-warning system. At the time, he suggested this type of countermeasure would mitigate the effects of collective attention threats.
However, that approach is already outdated. In this Texas A&M press release, Caverlee said, "It is imperative to develop new techniques to detect, analyze, model, and defend against collective attention threats in large-scale social systems."
He admitted that existing media-based protections are not sufficient. "YouTube, itself, is responsible for monitoring and expelling videos that are conduits to spam and malware, while Twitter attempts to block spam accounts and messages once it collects sufficient evidence," Caverlee said. "This one-size-fits-all method ignores individual risk profiles and suffers from either blocking too much content or allowing all content."
"We propose to develop a personalized app that will communicate to each user their exposure to collective attention threats," Caverlee said. To accomplish that, the personalized app his team is developing will be able to detect evidence of collective attention threats early on—perhaps when the collective attention phenomenon starts going viral.
The press release cited Twitter as an example. "The way the app will work is that on opening a user's Twitter timeline, for instance, the app will highlight tweets that are associated with a threat. This will give each user more control over their social experience."
There are challenges ahead
Caverlee and his team know that their first threat-awareness platform (February 2017) is now unable to keep up. The press release noted that Caverlee "recognizes the need to have a continually upgraded design" because the threats keep growing and changing. "His team will provide its initial thoughts on the most relevant features influencing and predicting threats and will continue to explore the most computationally efficient features to maintain the app's responsiveness."
Caverlee is persistent. He has been working on collective attention threats since the mid-2000s, studying emerging social systems like Twitter and creating social honeypots (research paper) to capture malicious code used by social spammers so it can be reverse-engineered. More recently, Caverlee has been studying online spaces and how they are manipulated by internet-based campaigns and crowd-sourced attacks.
The press release winds up with these final words from Caverlee:
"The ultimate goal is to build a scientific foundation for the understanding of new threats, including algorithms; frameworks and systems; tools that combat threats against company systems—giving users more power to make sense of their online experience."
- The godfather of ransomware returns: Locky is back and sneakier than ever (ZDNet)
- Twitter has a spam bot problem — and it's getting worse (ZDNet)
- De-anonymizing web-browsing histories may reveal your social media profiles (TechRepublic)
- How an IoT DDoS warning system helps predict cyberattacks (TechRepublic)
- Social media policy (Tech Pro Research)
What measures have you taken to try to protect your staff from collective awareness threats? Share your experiences and advice with fellow TechRepublic members.