A simulated cyberattack on Twitter: Assessing partisan vulnerability to spear phishing and disinformation ahead of the 2018 U.S. midterm elections

Keywords: Cyberattack, Weaponization, Social Media, Disinformation, Phishing, Elections, Twitter

Abstract

State-sponsored “bad actors” increasingly weaponize social media platforms to launch cyberattacks and disinformation campaigns during elections. Social media companies, due to their rapid growth and scale, struggle to prevent the weaponization of their platforms. This study conducts an automated spear phishing and disinformation campaign on Twitter ahead of the 2018 United States midterm elections. A fake news bot account — the @DCNewsReport — was created and programmed to automatically send customized tweets with a “breaking news” link to 138 Twitter users, before being restricted by Twitter.

Overall, one in five users clicked the link, which could have potentially led to the downloading of ransomware or the theft of private information. However, the link in this experiment was non-malicious and redirected users to a Google Forms survey. In predicting users’ likelihood to click the link on Twitter, no statistically significant differences were observed between right-wing and left-wing partisans, or between Web users and mobile users. The findings signal that politically expressive Americans on Twitter, regardless of their party preferences or the devices they use to access the platform, are at risk of being spear phished on social media.

Author Biography

Michael Bossetta, University of Copenhagen

Michael Bossetta is a PhD Fellow at the Department of Political Science, University of Copenhagen. His research interests primarily revolve around citizens’ use of social media during elections, the design of social media platforms, and how platform design is manipulated to conduct cyberattacks. He is the producer and host of the Social Media and Politics podcast. You can follow him on Twitter @MichaelBossetta and the podcast @SMandPPodcast.   

Published
2018-12-01
How to Cite
Bossetta, M. (2018). A simulated cyberattack on Twitter: Assessing partisan vulnerability to spear phishing and disinformation ahead of the 2018 U.S. midterm elections. First Monday, 23(12). https://doi.org/10.5210/fm.v23i12.9540