Bot Development for Social Engineering Attacks on Twitter
This work addresses cybersecurity risks for social media users, but is incremental as it applies existing phishing methods to a new platform context.
The researchers developed Twitter bots to simulate phishing-based social engineering attacks on 1,287 accounts over 38 days, finding that such attacks remain feasible despite platform security, though results were inconclusive about predictors of unsafe user behavior.
A series of bots performing simulated social engineering attacks using phishing in the Twitter platform was developed to identify potentially unsafe user behavior. In this work different bot versions were developed to collect feedback data after stimuli directed to 1,287 twitter accounts for 38 consecutive days. The results were not conclusive about the existence of preceptors for unsafe behavior, but we conclude that despite Twiter's security this kind of attack is still feasible.