Feed Poisoning Attacks

A spectre is haunting cyberspace…

Feed Poisoning

“Feed Poisoning” is an attack vector that exploits the way modern social media systems process viewing and consumption behaviour. It involves sending links designed to deliberately disrupt the recipient’s recommendation algorithm, for example to influence suggestions or advertisements.

Feed poisoning falls into the category of social engineering attacks.

Risks

The risks are manifold, as most attacks are designed to have a long-lasting (and insidious) effect. The more harmless variants merely result in new suggestions in one’s personal social media feed that do not correspond to one’s own habits (so-called “bubble popping”). The consequences, however, can be far more dramatic. Particularly in the English-speaking world, the phenomenon of so-called “pipelines” has been described in detail. For YouTube, for example, this is the Alt-Right Pipeline, which has already been replicated in a large number of self-experiments. In this context, the platform’s algorithmic escalation means that with increased consumption of, for example, “science-critical” content, Bitcoin/finance content or even the so-called Manosphere, more and more right-wing content is gradually suggested.

Feed poisoning can therefore also become a serious problem for democracy.

Antivirus scanners do not detect feed poisoning

As feed poisoning involves sending links to legitimate content that appear harmless, antivirus scanners do not recognise the threat.

Feed poisoning is cross-platform

Unlike traditional viruses, feed poisoning takes effect on the server side, on the servers of the platform hosting the compromised social media account, rather than on the victim’s device.

Consequently, there is no protection for users of niche operating systems such as Linux or macOS. As most social networks now also offer native mobile applications that are equally capable of resolving and opening links to their content, these are not protected from attacks either.

This is how cyber-propagandists operate:

A feed poisoning attack usually begins with the sending of one or more links, which are generally intended to introduce the subject of manipulation. The more of these links the end user clicks, the higher the likelihood of success. Once a relationship of trust has been established, experienced propagandists follow up with further links that continuously condition the algorithm of the social media platform used by the target of the attack in the desired direction.

Tips to avoid falling for feed poisoning:

  • Check the sender carefully. Do you know them personally? Are they trustworthy?
  • Don’t open links from messaging apps or emails by clicking on them; instead, copy the URL into a browser in incognito mode. Do the same on a mobile device.
  • Use a different browser from your default browser for social media, so that links aren’t opened in it.
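
The last two tips can be enforced by a small link opener used for links arriving via messengers and email. The following is an added example, not part of the original article; the platform list, the browser binary names and all function names are assumptions to adapt.

```python
import shutil
import subprocess
import sys
from urllib.parse import urlsplit

# Assumption: platforms whose feeds you want to shield; edit to suit.
PLATFORM_DOMAINS = ("youtube.com", "youtu.be", "tiktok.com", "instagram.com", "facebook.com")
# Assumption: browsers NOT logged in to social media, with their private-mode flags.
SECONDARY_BROWSERS = (("firefox", "--private-window"), ("chromium", "--incognito"))


def http_host(url):
    """Return the lower-cased host of an http(s) URL, or None for anything else."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:  # malformed URL, e.g. a broken IPv6 literal
        return None
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    return parts.hostname.rstrip(".")


def platform_of(url):
    """Return the platform domain a link points at, or None."""
    host = http_host(url)
    for domain in PLATFORM_DOMAINS:
        # Exact host or a true subdomain; "youtube.com.example.net" must not match.
        if host and (host == domain or host.endswith("." + domain)):
            return domain
    return None


def private_command(url, which=shutil.which):
    """Build argv that opens url in a private window, or None to refuse."""
    # Refuse non-http(s) links (e.g. deep links into native apps); never fall
    # back to the default, logged-in browser if no secondary browser exists.
    if http_host(url) is None:
        return None
    for binary, flag in SECONDARY_BROWSERS:
        if path := which(binary):
            return [path, flag, url.strip()]
    return None


if __name__ == "__main__":
    for link in sys.argv[1:]:
        argv = private_command(link)
        print(f"{'private' if argv else 'refused'} [{platform_of(link) or 'other'}]: {link}")
        if argv:
            subprocess.run(argv, check=False)
```

Registering such a script as the handler for links from the mail and messaging clients keeps pasted or clicked links out of the browser session that is logged in to social media.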