SkipToMainContent

Emerging Threats

What’s a Twitter bot and how to spot one

Scammers are finding success with a tool designed to infiltrate social media accounts and potentially your personal information —: Twitter bots.

What are they? If you’ve seen Twitter accounts spreading fake news or tweets falsely claiming they have found a cure for COVID-19, you may have spotted Twitter bots.

These social media bots are programmed to troll and propagate misinformation for purposes such as spinning elections, inciting panic, and spreading malware.

It’s a good idea to learn what Twitter bots can do, how prevalent they are, and how to detect these automated accounts to help protect your devices and personal information.

Twitter bots surge: What are they and what can they do?

Twitter bots, also known as zombies, are automated Twitter accounts controlled by bot software. While they are programmed to perform tasks that resemble those of everyday Twitter users — such as liking tweets and following other users — their purpose is to tweet and retweet content for specific goals on a large scale.

The purpose of the bot and its activity can be helpful or harmful.

Twitter bots can be used for helpful purposes, such as broadcasting important content like weather emergencies in real time, sharing informative content on masse, and generating automatic replies via direct messaging.

Twitter bots also can be designed for the malicious purposes of platform intimidation and manipulation — like spreading fake news campaigns, spamming and violating others’ privacy.

It is rare that one account cause widespread damage, instead it usually takes a coordinated effort. Twitter bots are often part of what’s known as a botnet. A botnet is a broad network of automated accounts that work together to appear legitimate, liking and following each other as if they were real. It’s worth noting that: bots also operate on other social media platforms.

Twitter bot scams

Twitter bots rely on stealth. As artificial automations, they can pretend to be real people, liking your tweets and content. Or they can act as malicious bots that try to intimidate, bully, persuade, and incite you to believe things that may not be true and act in ways that are fuelled by false information.

Cybercriminals have used Twitter bots to spread malicious content that contains malware to large groups of Twitter users at the same time. You can help protect yourself against such malware by not clicking on links in tweets and other communications from unknown or suspicious sources.

Twitter bots also have been used for political propaganda and to influence elections. Countries and interest groups may use Twitter bots to spread discontent or panic. Such actions can potentially affect healthcare systems, financial markets, community actions, and political votes.

How prevalent are Twitter bots?

Exactly how many bots operate in the Twittersphere is hard to say. A recent study
undertaken by Carnegie Mellon University showed a surge in bot activity while the United States has been under Covid-19 stay-at-home orders.

The Carnegie Mellon study found almost half of the Twitter accounts calling for America to reopen may have originated from bot accounts. The same study looked at more than 200 million tweets since January 2020 that reference the novel coronavirus. It found that of the top 50 re-tweeters, 41 — or 82 percent — were bots.

The lesson? When it comes to Twitter, be careful about believing what appears to be the broad consensus or engaging in conversation. It could be a misinformation campaign.

7 ways to recognize a Twitter bot

Here are several ways to help detect if a Twitter account is a bot or not. Keep in mind, a bot’s setup and activity often appears automated.

When trying to determine if an account might be a bot, beware of the following red flags:

  1. IP correlation — the geographical location of Twitter accounts.
  2. Time-based correlation — the release of tweets in close proximity. 
  3. Automation — when an account tweets short replies that appear automated.
  4. Content similarity — when the same content is tweeted at the same time by multiple accounts.
  5. Account creation — Twitter bots with recent creation dates.
  6. Account description — when an account looks automated because its username contains numbers. It may also appear anonymous in the absence of a photo, biography, or profile description.
  7. Account activity — when a bot follows a lot of accounts but does not have many followers, and it’s retweeting and tweeting content faster than a human could.

What is Twitter doing to combat bots?

Twitter prohibits the malicious use of its platform, including these activities:

  • Automation meant to undermine public conversation. 
  • The creation of multiple accounts to artificially amplify messages.
  • Involvement in fake engagements by generation, solicitation, or purchase.
  • Aggressive use of Twitter in the form of tweets, follows, and other engagements.
  • Hashtag cramming or using hashtags for spamming purposes.

What does Twitter do about automated accounts who engage in prohibited activities? The social media platform suspends millions of bot - accounts every month.

What can you do to combat Twitter bots?

You can find browser plugins that search for indicators that help identify whether a Twitter account is a bot or not. These third-party tools can help flag suspicious accounts, so you won’t be fooled.

Whether you use a third-party tool or learn to recognize bots yourself, it’s smart to understand how automated platforms can enable the mass spread of false information.

Awareness and using a common-sense approach can help. It’s a good idea to watch for red flags and remain sceptical about information contained in tweets. Go to reputable sources for fact-checking and avoid clicking on suspicious links in tweets that could be embedded with malware.

Copyright © 2020 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of Amazon.com, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.