Internet Security Blog - Hackology

WhatsApp Adopts a New Approach to Fight Spam

With 1.5+ billion users in 180 countries and one billion daily active users, WhatsApp is the most popular messaging app in the world. Such a massive user base makes it a very lucrative target for spammers, scammers, bots, and people who clutter your chat screen with automated messages that force their products down your throat.

Ever growing User base of WhatsApp

With so many active users and spammers on a single platform, WhatsApp has to find a way to deal with the bad players and kick them off its network. WhatsApp removes two million accounts from its service each month. WhatsApp software engineer Matt Jones said that the company can ban 20% of those accounts when they register.

Does WhatsApp Break End-to-End Encryption?

How does WhatsApp work out whom to block, who is a scammer, or who is not abiding by WhatsApp's ToS? Do they go through our messages? We were told that WhatsApp has end-to-end encryption and that no one can read our messages, as stated here:

WhatsApp’s end-to-end encryption ensures only you and the person you’re communicating with can read what is sent, and nobody in between, not even WhatsApp.

WhatsApp does not go through our messages, and the encryption claim is valid as well. In order to ban those accounts, WhatsApp uses a combination of human intervention and machine learning. Twenty-five percent of the banned accounts are removed by humans, while the remaining 75% are scrubbed out by algorithms that seek out malicious activity.

WhatsApp claims “Privacy and Security are in our DNA”. In today’s world when it becomes tough to recognize spam / fake news, WhatsApp is taking measures to fight spam and reinventing the mechanics of doing it.

Top Usage Sessions by Apps
WhatsApp rise to fame required some measures to fight Spam on the platform

How WhatsApp Identifies Spam?

Matt Jones, a WhatsApp engineer, said:

WhatsApp developed approaches to detecting spam that don't rely on content at all, and WhatsApp slashed spam by 75 percent after launching end-to-end encryption.

This all sounds very fancy and interesting, but how exactly do they do it without reading our messages? Because WhatsApp is owned by Facebook, it is natural not to trust them, but maybe they have a convincing logic to it.

WhatsApp analyzes user registration metadata and the rate at which messages are sent, and calls this “User Actions”. Explaining further, Jones stated:

there are three checkpoints to ban an account, at registration, during messaging and reporting, and it uses the Facebook Immune System model, which examines every read or write action to define abusive behavior and train its machine learning systems.

You can read about the main components of the Facebook Immune System in detail in Section 4 of their whitepaper, while I will break down the steps WhatsApp takes to identify and stop spam without going through our private data or even PII.

Location

WhatsApp checks the phone number to verify your coordinates, and the machine learning algorithm uses necessary information such as device details, the IP address and carrier info to ban malicious accounts.

Registration in Bulk

If registrations are started in bulk from one computer network, or from a phone number similar to one that was already banned, the system bans those accounts before they can even send a message. Around two million accounts are banned every month; 20 percent are caught at registration.
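A registration-time screen along these lines, as an added example (not WhatsApp's code). The /24 grouping, the limit of five sign-ups per hour and the "within 100 of a banned number" similarity rule are all assumptions, and the phone numbers and IP addresses are constructed:

```python
import ipaddress
from collections import defaultdict

BULK_LIMIT = 5       # assumed: sign-ups allowed per network per window
BULK_WINDOW = 3600   # assumed: window length in seconds
NEAR_RANGE = 100     # assumed: "similar" means within 100 of a banned number


def network_of(ip):
    """Group IPv4 addresses by /24, an assumed reading of 'computer network'."""
    return str(ipaddress.ip_network(f"{ip}/24", strict=False))


def near_banned(phone, banned):
    """True if the number is numerically close to an already banned one."""
    return any(abs(int(phone) - int(b)) <= NEAR_RANGE for b in banned)


def screen_registrations(events, banned):
    """events: (timestamp, phone, ip). Returns {phone: reason} for blocked sign-ups."""
    blocked, recent = {}, defaultdict(list)
    for ts, phone, ip in sorted(events):
        net = network_of(ip)
        # Keep only sign-ups from this network that are still inside the window.
        recent[net] = [t for t in recent[net] if ts - t < BULK_WINDOW] + [ts]
        if near_banned(phone, banned):
            blocked[phone] = "similar_to_banned"
        elif len(recent[net]) > BULK_LIMIT:
            blocked[phone] = "bulk_registration"
    return blocked


# Constructed sample data: fictional 555-01xx numbers, documentation IP ranges.
BANNED = {"15550199950"}
EVENTS = [(i * 10, f"1555010000{i + 1}", f"203.0.113.{10 + i}") for i in range(7)]
EVENTS += [(500, "15550199960", "198.51.100.7"),   # 10 away from a banned number
           (900, "15550123456", "192.0.2.5")]      # ordinary single sign-up


def demo():
    return screen_registrations(EVENTS, BANNED)


if __name__ == "__main__":
    for phone, reason in demo().items():
        print(phone, reason)
```

Only the sign-ups that exceed the per-network limit are blocked here; the first five from the same network pass, which is why such a check is one signal among several rather than a complete filter.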

Number of Messages

WhatsApp checks for bots by looking at the number of messages they send after registration. For example, if 100 messages are sent in 10 seconds within five minutes of registering, it is a clear sign of a bot and merits a ban. This check can be bypassed by registering a number and waiting a few days before sending spam, so WhatsApp also constantly monitors the number of messages a user sends per minute to identify plausible spam.

Links

If a user is sending a malicious link, WhatsApp will mark them as suspicious. WhatsApp also lets you report a group or leave it so that the admin can’t add you back.

Report by Others

WhatsApp also bans accounts when they are reported, but only after extensive analysis. WhatsApp also makes sure that a group of people cannot target a user with fake reports.

Report Spam on WhatsApp
Users can report Spam to WhatsApp if they receive messages from unknown numbers

Spam Sources

WhatsApp examines data such as a user's Internet Service Provider (ISP), phone number, and phone network, and compares it to previously reported spam. If the data matches, it will be flagged as spam.

Different Country Codes

If a phone with one country code connects from another country’s network, it will also be examined to assess whether it is a traveler on vacation or a spammer.

Spam Model Training

WhatsApp also looks at the past activities of a known, caught spammer, analyzes why the account was caught in the first place, and uses the same model to catch future spammers once the spam tactics on the app are established. The first incident might have been caught after a manual review by staff, but afterwards it is added to the model training and future cases are dealt with automatically.

If a user sends spam and is reported, the account is going to be banned, and sometimes users are banned on the basis of the probabilistic spam-fighting model. A user can, however, appeal the ban, and WhatsApp will check whether it needs to reconsider its decision.

WhatsApp Banned Contact Support
Support can be Contacted in case your WhatsApp number is banned by mistake

Conclusion

All this spam fighting is done through the analysis of the metadata of a message (the non-content information associated with transmitting a message) and the other factors explained above. WhatsApp is also making efforts to further improve the user experience and cut down on “Fake News” by introducing a global limit on forwarding messages to curb spamming and fake news.

Can machine learning save us from spamming? Due to encrypted chats, WhatsApp can’t read the content of our messages to differentiate between spam / fake news and a real conversation, so is it enough?
