This algorithm monitors Twitter for fraud in real time

The system, developed by an undergraduate at Harvard University, can mine Tweets for suspicious links in real time

A new algorithm can mine Twitter for web fraud

Social media sites have become the primary medium for fraudsters to entice unsuspecting users with links to financial fraud websites. To help stop this, Daniel Rothchild, an undergraduate at Harvard University, has developed a program that automatically searches Twitter in real time for suspicious links appearing in tweets.

According to the results published in the Journal of Technology and Science, his program found more than 70,000 suspicious tweets in 24 hours, with 56pc of the tested links appearing fraudulent.

The most-tweeted fraudulent link, to a purported weight-loss program, was tweeted more than 12,000 times, and all of the top 10 most-tweeted links were found to be fraudulent.

This suspicious site ranked 1 out of 50 and had a count of 12,095 tweet occurrences. This image was captured from on 3/5/2015 but by the time of writing had been taken down.

A 2014 survey by the Get Safe Online initiative, a joint project by the UK government, the National Crime Agency and the telecoms regulator Ofcom, among others, found that 51pc of Britons surveyed were victims of identity theft, hacking or abuse on social media, while losses from online fraud are £670m a year.

In many cases, fraudsters lure victims to websites they have set up in order to collect their personal or ﬁnancial information or to present them with advertisements that make deceptive offers - unsurprisingly this is increasingly done through social media websites including Twitter and Facebook.

But Rothchild's algorithm turns cyber-criminals' tool against them to proactively discover pockets of criminal activity before they get taken down. "Continuously monitoring social media data might allow consumer protection groups to become aware of fraudulent websites much faster than they could otherwise," Rothchild wrote in the paper.

Having a more complete record of suspicious activity on social media could also prove invaluable to law enforcement when prosecuting fraudsters who try to conceal the extent of their fraud.

To help users protect themselves, Rothchild suggested it would be possible to create a browser extension that would warn users when they click on a link through Twitter that has been automatically identiﬁed by the tool as suspicious.

How it works

Rothchild wrote a Python script to search for keywords in Twitter’s real-time stream. The keywords are terms loosely associated with common types of fraud, namely: muscle, weight, diet, acai, cambogia, lose fast, and miracle pill. These were taken from a report on online fraud published by the US regulatory body Federal Trade Commission which identified several terms that may be associated with fraudulent offers, including weight, diet, exercise, weight-loss, prize, sweepstakes, lottery, and winner. The exact choice of keywords doesn't matter, because it can be swapped to use any keywords that are suspected of being associated with fraud.

The algorithm searched in particular for links tweeted an unusually large number of times, as this suggests that a bot, rather than a human, is behind it.