Mariconti, E;
Onaolapo, J;
Ahmad, SS;
Nikiforou, N;
Egele, M;
Nikiforakis, M;
Stringhini, G;
(2016)
Why Allowing Profile Name Reuse Is A Bad Idea.
Proceedings of the 9th European Workshop on System Security
, Article 3. 10.1145/2905760.2905762.
![[thumbnail of paper.pdf]](https://discovery.ucl.ac.uk/style/images/fileicons/text.png) |
Text
paper.pdf - Accepted Version Access restricted to UCL open access staff Download (426kB) |
Abstract
Twitter allows their users to change profile name at their discretion. Unfortunately, this design decision can be used by attackers to effortlessly hijack user names of popular accounts. We call this practice profile name squatting. In this paper, we investigate this name squatting phenomenon, and show how this can be used to mount impersonation attacks and attract a larger number of victims to potentially malicious content. We observe that malicious users are already performing this attack on Twitter and measure its prevalence. We provide insights into the characteristics of such malicious users, and argue that these problems could be solved if the social network never released old user names for others to use.
| Type: | Article |
|---|---|
| Title: | Why Allowing Profile Name Reuse Is A Bad Idea |
| ISBN: | 1450342957 |
| ISBN-13: | 9781450342957 |
| DOI: | 10.1145/2905760.2905762 |
| Publisher version: | http://dx.doi.org/10.1145/2905760.2905762 |
| Language: | English |
| Keywords: | |
| UCL classification: | UCL UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Security and Crime Science |
| URI: | https://discovery.ucl.ac.uk/id/eprint/1477196 |
Archive Staff Only
 |
View Item |
