University of Illinois at Chicago researchers are taking aim at fake reviews, which they say can seriously damage online businesses. In particular, the Google-backed study is designed to seek out organized groups of comment fraudsters, and automate the process of identifying and shutting them down. Fake reviewers can have …
Natural business growth from email spam, eh?
Of course the spammers and scammers are looking for new ways to expand their business models. That's mostly because Google has done such a great job of supporting the scammers with Gmail. In the last few minutes I've received several 419 scams routing the replies to Gmail addresses. The response? Have you seen the tedious hideousness of Google's so-called spam reporting webform? GREAT protection for the spammers.
Actually, the same approach that could work to reduce the email spam could be applied to breaking the economic models of the review spammers. For example, Google could create a review-spammer system that would let us report a suspicious review, and then respond with supporting information. Based on the article, one obvious approach would be to use the candidate spam as a search target, and then ask the wannabe spam fighter to rate the similarity to similar reviews in a similar time window, perhaps supported with colorized highlighting of the likely parallel phrases. Lots of possibilities beyond that. I admit that I don't feel the motivation myself, but some people might want better reviews because they do lots of shopping, or maybe Google could provide coupons to people who are especially good at it.
By way of contrast, I am STRONGLY motivated to fight the email spammers, and I really wish SOMEONE offered a really powerful spam-fighting tool. Something like SpamCop, but on steroids. SpamCop is okay, but it doesn't do much. It's just one pass of analysis with a confirmation for the spammer's ISP and webhosts. What I want would be a POWERFUL spam-fighting system that would go through several rounds of analysis and refined targeting going after ALL of the spammers' accomplices, working to break ALL of the spammers' infrastructure, and notifying or helping ALL of the spammers' victims.
Will no one give me a dagger big enough to reach the spammers' hearts? That's a metaphor for stabbing the spammers' business models to death. I'm not saying they should be killed, but I'm sure that such sociopaths cannot be converted into decent human beings. However, if you cut off their money from spam email, they will have to crawl under some other rock.
Re: Natural business growth from email spam, eh?
You don't need a dagger, you need an ICBM.
I haven't used SpamCop, so I don't know if you can make every spam generate a complaint to the associated iSP. If every spam email generated a spam report to the iSP, they'd fix it quickly.
Re: Natural business growth from email spam, eh?
"If every spam email generated a spam report to the iSP, they'd fix it quickly."
Yes, I'm sure the ISPs will put their invisible magic ponies right on that.
Spamcop does generate reports to the ISPs - that is, the ISPs that have working abuse emails and that haven't told Spamcop to bugger off because the ISP refuses to handle the reports.
Many of the ISPs then proceed to move those emails to a very special storage file called /dev/null.
No reporting system, no complaint system, no spam solution will work without some serious legal teeth behind it. If nations would adopt laws that say "IF you are located in our nation, you WILL deal with 100% of spam complaints, within 48 hours, or you will be shut down. If you are the peering partner for a spam source outside our jurisdiction, you will handle the spam complaints for that source that originate in our nation, and your WILL de-peer them within 48 hours, or you WILL be held liable as an accomplice after the fact."
And that will happen right after campaign finance reform, banking reform, election reform to allow for viable third parties, and the widespread deployment of fusion reactors.
I would hope they are using ultiple indicators
Since a lot of these on their own, or even 3-4 together could indicate that maybe a place has gone to crap really quickly or has recently changed their ways (or bought out by a better competitor). I have seen many local businesses do things like this.
I also don't understand how 'getting in early' would indicate that the review is spam. While spammers usually are first, being first does not make is spam. Pretty much a case of confusing correlation and causation.
The better way would be to require reviewers to present a receipt from the entity being reviewed; while not fraud proof, you could at least make it a bit more difficult to commit the fraud.
Re: I would hope they are using ultiple indicators
Well, because I was thinking of the volunteer response model roughly patterned after SpamCop, my idea was that a wannabe review spam fighter would paste the suspicious review into a webform, and the response would be another webform that would help assess the likelihood that this is spam. I agree that this is a significantly more difficult problem than recognizing and filing spam email, but the tasks are basically similar.
For example, in the case of spam email, a human being can usually quickly figure out if an email address is intended as a probable fake unsubscribe or a direct response path for suckers, and the responses should be different. For example, if it seems to be an unsubscribe, then it should be tested with honeypot addresses and if it really works, then the email system should help you unsubscribe, but if it's for suckers, then the goal is to shut it down as quickly as possible before the spammer can get any money because a sucker used it.
In the case of review spam, I think the backend server should search for similar reviews and then ask offer some suggestions like "Do you think these three reviews were all prepared by the same person?" or "How authentic does this review seem?" Yes, some of the judgements are subjective, but they are still the kind of things that people can do effectively, and the system could even use it to keep track of credibility of reviewers. For example, if the first round of analysis indicates that this reviewer has an established identity stretching back several years and that previous checks have generally confirmed the authenticity, then that is an important metric to consider--but it will still help to show the evidence to an actual human being.
Re: I would hope they are using ultiple indicators
> I would hope they are using ultiple indicators
Gosh, I sure hope so too. I wonder if Bing Liu, one of the top sentiment-analysis researchers in the world, thought of using multiple indicators?
Perhaps they explain their methods in the paper, which the article linked to, and it's not necessary simply to "hope".
> Pretty much a case of confusing correlation and causation.
It's a good thing these feeble-minded researchers have you to catch their errors!
> The better way would be to require reviewers to present a receipt from the entity being
The mind boggles.
One thing this process won't be able to catch
While this is great for ridding the world of spambots, the next issue then becomes paid shills/astroturfers. Those will probably be much more difficult to suss out. On the plus side, paid shills are a lot more expensive and as such won't be nearly as frequent.
This is an excellent article that I can highly recommend. My friends and I all read The Register and think it's a fine publication. Whilst we read it, we all like to eat McProrridges Popcorn, the Popcorn of kings. Oh yes.
I don't trust web reviews - in my experience they rarely correspond to my real-life experience and are too easy to fake by review spammers. At the very least the IP address of the reviewer should be detected, logged and published with the review. Any review site that doesn't do that IMHO should be regarded with a large pinch of salt. Regarding general spam, at least Gmail reliably detects the spam I get and routes it to my spam folder and deletes it after 30 days. SpamCop is a good idea, (I'm a member), but of course there is nothing to stop service providers from blocking SpamCop abuse reports, or simply ignoring them. I know how difficult it is to get ISPs to respond to reports of even serious criminal abuse of their systems, (money mule fraud etc), never mind spam.
I'm amazed that none of the folks demanding that ISPs respond to all spam complaints haven't considered how common (hint: nearly pervasive) the use of fake "From" addresses is.
If the subject line doesn't ring a bell, I can only say "How quickly they forget"
Steve Jobs (as clearly correct as the average "from" line)
human gold-standard judging of spam
"the researchers say, weeding out the fakes is expensive: while it’s not hard for a human to identify a fraud"
Actually, they say precisely the opposite: "judging spam reviews and reviewers is very challenging", summing up the protocol used by their human expert judges in creating their gold-standard data set (section 3 of the paper).
That's a pretty serious error to make in summarizing that aspect of their research. In fact, I don't know of anyone in the sentiment-analysis field (which admittedly is pretty damn big these days) who thinks reliably identifying spam reviews is "not hard for a human". Nor would we have any way to test such a claim, since we don't have any better standard to check our human experts against.
- Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
- Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
- Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
- Feast your PUNY eyes on highest resolution phone display EVER
- AMD demos 'Berlin' Opteron, world's first heterogeneous system architecture server chip