Skip to main content


Seeing a lot of new followers today with 0 following/followers. Are we tracking a big influx from the Brazilian diaspora maybe? Or another spam campaign is brewing?
in reply to BrianKrebs

I have seen at least one new intro and one #mastodonmigration response to a different account go by in my feeble timeline.
in reply to BrianKrebs

I saw discussions about mastodon.social having a lot of new accounts (and bots) apparently coming from Brazil because of bird site fight. Also, since it is US election time, the influx, from anywhere doesn't surprise me, but gotta figure they are mostly fake or bot accounts.

Edited for clarity.

This entry was edited (2 months ago)
in reply to BrianKrebs

i just saw a cryptocurrency spam bot because i posted a picture of a chart. im willing to bet that along with all the legit brazilian users that are landing here, the shady ones came with them
in reply to BrianKrebs

Only low follower account I picked up following me was some on promoting a cheap looking porn video game.

Looked relatively legit as far as those accounts go.

I did see a number of very new accounts showing up in in discussions about the Brazil kerfuffle that appeared to be shills/spammers of the pro-musk/pro-bolsanaro(sp?) variety. EDIT: meaning their entire feed was just replies to various Brazil threads shilling for Twitter and/or lying about the cause of the ban.

This entry was edited (2 months ago)
in reply to Bee O'Problem :godot:

@beeoproblem Interesting. I'd love to hear from @jerry, but I think previous fedi-spam campaigns often sent bots to follow people w/ high numbers of followers, and then crawl their followers and then blast spam to everyone.
in reply to BrianKrebs

The spam bots I've seen in recent times have harvested accounts from feeds. That said, I think the spam actors, social media marketers, reputation management companies, phishers and other actors of questionable repute are still trying to figure out how best to use the fediverse for their purposes.

I took a look at the most recent few hundred followers on your account - I can only see info about those who are @infosec.exchange accounts, and all the ones I sampled appeared to be legit, and very few appeared to be Brazilian (though there were a few). Based on the names and bios of those on other instances, there are definitely some spam accounts among them. I even found a few here that I've taken care of.

I do think that there is a growing trend of accounts trying to collect followers by following many other accounts (sometimes repeatedly following and unfollowing over a series of days to get the account owner's attention).

At least here on infosec.exchange, we have a lot of accounts that are in "read only" mode. I don't know what they're doing or why. some have come forward and told me that they want to read the posts of select people on the fediverse, but are turned off by the prospect of interacting with people on the fediverse (I guess either because of reputation or personal experience?).

All that said, I have observed a significant uptick over the past week in spam registrations. Most of them are "profile spammers" - less are posting spam comments. Mastodon.social has been seeing a lot of them recently - particularly porn bots/girlfriends/crypto scams.

I'm going to move infosec.exchange back to moderated signups as a result, since I think we're seeing more illigetimate signups than legit ones over the past few days.

@beeoproblem

BrianKrebs reshared this.

in reply to BrianKrebs

Today? Maybe Brazilian.

Lately some of us have noticed a lot of new troll/bot accounts popping up with either no followers or they were made in 2022 and have been "sleeping" and came to life recently only to troll political posts.

in reply to BrianKrebs

I keep trying to bring people over from Fecalbook but...
¯\_(ツ)_/¯
in reply to BrianKrebs

How hard would it be for the bots to follow each other before latching onto legitimate accounts? Can't change the joined-on date, but follower count is easy to manipulate. Seems like a simple measure to make them seem less botty, and if I've figured that out they surely have as well. So - maybe some of them are legit?
in reply to BrianKrebs

one of the things I love about #Mastodon is that I can vet people who want to follow me. I've found this quite helpful. It's just a simple setting.
in reply to BrianKrebs

I've noticed the 'follower count' can be wildly, WILDLY wrong depending on the cohorts thing. I got a follower with '2 followers' the other day, went to look and they had 400, and 200 people they followed.

I make no pretense of saying it's reasonable to have to check each individually, but I don't think it's as simple as these numbers are always accurate.

in reply to BrianKrebs

I just checked and I have a follower count of…1. I just don’t post here enough to merit following, but I’ve lurked here every day for over a year. I had the same pattern at Xitter but I had like 50+ followers, most of which were bots that randomly followed me. I have to imagine there’s a fair number of people with similar usage patterns signing up - will be interesting to see if that holds though…
in reply to BrianKrebs

welcome to my legion! You have just made a very low-risk, low-reward kind of a move…
in reply to BrianKrebs

IDK I'm actually kinda uncomfortable by this shade you're throwing on zero. 😅 Until we get #VerifiableCredentials, not sure how much we can rely on simple metrics. https://w3c-ccg.github.io/data-minimization/#selective-disclosure

Edit almost forgot: ░T░A░G░S░I░N░B░I░O░.

This entry was edited (2 months ago)