Is this "real"? This is the story of how attackers today leverage a variety of tools and tricks to impact the influence landscape at scale. Many have heard of "fake news" and know that those "friends," "matches," or "followers" might not all be real; the information we consume is inflated with likes and ratings generated by coordinated attackers utilizing anything from users' browsers to IoT devices. How are these fake accounts and likes and clicks created? To what extent are they "real"? This session will explore the fake account ecosystem, with specific focus on the lifecycle of a fake account and how specific tools and attacks are used to create likes and clicks; sometimes through automation and emulators, sometimes using real people through phone farms, mechanical turks, and sweatshops. We'll dissect the different main attack vectors and how they are being exploited: Content: repurposed to fit a different context, Access & Authentication: gained through Account Takeovers and credential cracking, Fake Accounts: created strategically to build trust, Usage: to emulate "real" users and not get caught Together, we’ll workshop practical steps to building an army of influencers (on a budget) using off-the-shelf tools and show some more advanced techniques seen in attacks today.