Fighting spam at Pinterest
Marty Weiner | Pinterest engineering manager, BlackOps
Spammers used to love us, but not anymore.
Pinterest is a great platform to spam because of the large amount of traffic we drive to other sites. Spammers want to divert traffic to their sites so Pinners will fall for scams. To do this, they’ll disguise Pins as promising weight loss products, work-from-home opportunities, cheap designer handbags and more. This is where the Pinterest BlackOps team comes in. Our mission isn’t to fight spam, but to make it so we don’t need to.
To be successful, spammers must make lots of spam and get lots of people to see and click, and all the while without us knowing. A typical spammer will try to look like a good user by making realistic accounts from computers spread all over the world or by hijacking accounts. There are always several subtle flaws that make these spammers stand out, and once we find one, we’re able to shut them down. They then evolve their tactics and the race begins again. Our job is to be one step ahead of them at all times and make spamming Pinterest unlucrative.
How we defend against the bad guys
So, how do you fight a foe that tries to look like a good user and rapidly changes what it looks like and how it attacks? Military warfare combined with economic modeling.
To successfully execute against this strategy, we need systems that allow us to observe and respond to an attack quickly and effectively while also not harming good users.
Last year, we began building a new system called Stingray that our spam analysts can use to quickly observe attacks, write rules to respond to them, stop the attack, clean up and evolve, all within minutes. Stingray is a distributed stream processor and rule engine that enables us to react to known malicious behavior in milliseconds. We can even pre-empt attacks if they match signatures along hundreds of different dimensions and stop the attack before it starts. Because we architected Stingray with certain fundamental distributed systems guarantees, we’ll soon be able to write a rule and easily apply it in the past completely annihilating an attack and the mess it leaves.
Over the last six months we’ve added a strong integration test environment and comprehensive monitoring everywhere to help us speedily develop and easily detect problems. We made major gains in our operational strategy faster than ever before, and in just a few months:
- The amount of spam reported on Pinterest has nose dived to the point where it’s not a useful metric
- Our system now responds twice as fast to internal spam requests
- The number of Pinners who click on spam has dropped in half (from few to even fewer)
- Our system’s ability to successfully respond to bad behavior improved from 95 percent to 99.99 percent
We can dismantle entire attacks in milliseconds, whereas 12 months ago it would have taken us four hours to a day
We fight spam so Pinners can enjoy their experience, but spammers will keep trying to improve as long as we’re a great platform for them to showcase their content. As you’re reading this, they’re mounting a new and improved attack!
If you’d like to wage war with us, we always need very strong generalists with a passion for building and architecting large complex distributed systems. Join our Black Ops team!
Marty Weiner is a manager on the Black Ops team