By the numbers: How dangerous are Facebook, Twitter, and search engines (really)?

In his presentation titled "The dark side: Measuring and analyzing malicious activity on Twitter and Facebook," Daniel Peck, research scientist with Barracuda Networks, delves into the details of how cybercriminals trap people on social networks. Peck's research also uncovered that user perceptions of social networking security contrasts drastically with actual membership rates, which you can read about in Facebook may be scary, but we love it anyway.

Here are some of the highlights of Peck's data on malicious activity on Facebook, Twitter and search engines.

[Also see 5 more dirty tricks: Social engineers' latest pick-up lines and 5 more Facebook, Twitter scams to avoid]


1 in 100- The proportion of posts on Twitter are that are spam or malicious.

60 percent --The number of so-called "bad" urls on Twitter that turn out to be spam. Other bad Twitter urls include those intended for hacking (19 percent) and those that contain spyware (11 percent).

1 in 1000 --The drive-by download occurrence of bad Twitter URLs.

43 percent -- The number of true users on Twitter. 57 percent are classified as "other" by Peck's analysis, and include spambots or other types of fraudulent account creators seeking to use Twitter as a means to phish or trap people with malware.

66 percent -- The percentage the Twitter "crime rate" increased from late 2008 to early 2009, a period also known as Twitter's "Red Carpet" era when it saw its biggest uptick in account creation. Twitter crime rate is the percentage of accounts created per month that are eventually suspended by Twitter, said Peck.

[See our guide to Social media risks: The basics]


1 in 60 -- The number of posts on Facebook that are spam/malicious.

91.9 percent -- The number of respondents who report having received spam messages on social networks. 54.3 percent reported being phished on social networks and 23.3 percent said they have received malware.

Up to 50 -- The number of people that can be tagged in a Facebook photo or post, a common tactic used to get user attention and then lead them to a malicious link.

1 in 5 -- The number of respondents who said they had been negatively impacted by information exposed on a social network.

Search results

1 in 1000 -- The proportion of search results that lead to malware over the course of the 153-day analysis Peck conducted.

1 in 5 -- The proportion of topics that lead to malware.

38 percent -- The percentage of malware found by Peck that was from Google search results when Peck conducted the 153-day analysis searching thousands of popular topics. Conducting the same searches on other search engines, 30 percent of search results turned up malware-laden links on Yahoo, 24 percent on Bing and 8 percent on Twitter.

17 percent -- Percentage of results that lead to malware when searching the terms "music+video".

Other popular search terms that lead to a large amount of malware included "jenni+jwoww"--a cast member on the show "Jersey Shore" --at 15 percent and "NFL" at 10 percent.

Join the CSO newsletter!

Error: Please check your email address.

Tags Internet-based applications and servicesBarracuda Networkssecuritytwittersocial mediainternetFacebook

More about Barracuda NetworksFacebookGoogleSanford AustraliaYahoo

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Joan Goodchild

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts