Quick question for the community: Over the past few days, has anyone noticed unusual follower activity? I'm talking about sudden spikes with accounts that look... automated?
What I'm Seeing
My follower count jumped from ~50 to 130 basically overnight. When I checked the profiles, nearly all the new followers had:
Zero posts, completely empty bios
Generic username patterns (user_xxxxx style)
Default avatars
No activity history (no comments, reactions, nothing)
Account created recently
Why I'm Asking
Before I assume this is a platform-wide issue, I wanted to check if others are experiencing the same thing. I built a quick Python audit script to analyze my followers, and the results were... concerning. Nearly 80% of my recent followers match classic bot characteristics.
For the Security/Data Folks
If you've seen similar patterns, I'm curious what heuristics you're using to detect them. My current approach checks:
Profile completeness (bio presence, post count, avatar type)
Username entropy and common bot patterns
Account age vs. activity ratio
Engagement signals (comments, reactions, follows/following ratio)
The pattern is pretty consistent across the suspected accounts, which suggests shit automated account creation rather than organic growth.
Not Trying to Be Alarmist
I've already reached out to the Dev.to team to share my findings. I'm not here to complain—I genuinely want to understand if this is:
Something others are experiencing
A known issue the team is already addressing
Just me being paranoid about metrics that don't really matter
For those of us trying to build real credibility here—especially in security, research, and data-integrity fields—follower authenticity actually matters. When half the engagement comes from accounts that look automated or inactive, it dilutes the signal and makes it harder to measure genuine reach. And in this line of work, when you're building and testing security tools, visibility can make you a target. So… anyone else noticing this?
Have you noticed similar follower spikes?
Are you seeing the same bot patterns?
Should we even care about follower counts if they're this easy to game?
Would be interested to hear if this is isolated or part of a broader pattern.
Why Early Detection Matters:
Here's the thing about bot waves: they're manageable when caught early, but exponentially harder to clean up once they've established a foothold. I've seen this pattern in network security—automated threats that start small and seem harmless can metastasize into infrastructure problems that require major intervention.
The sooner we identify and address bot patterns on platforms like this, the easier it is to preserve authentic engagement metrics and community trust. Waiting until the problem is "obvious" usually means it's already embedded in the ecosystem.
That's why I'm raising this now, while it's still just a pattern I noticed—not a crisis the platform has to manage.
Top comments (15)
I saw it before too dev.to/olgabraginskaya/whos-really...
Thank you Olga. Your investigation is way way way more detailed than mine and I appreciate your time put into it.
Exactly, literally after every 5-6th shorts in facebook, I was following a profile which i never knew about. BUT the interesting thing is we can't unfollow those, the unfollowing button is not working, it appears to be "Follow" but after 2-3 secs again it shows following.
I’ve seen that too — some of the bot accounts following me can’t be removed at all. When I try to unfollow or remove them, the profile redirects to a 404 page, which makes me think the accounts are already dead/removed on the backend but still stuck in the follower list. Definitely not normal behavior.
Platform vendors buys accounts such as DEV accounts, to falsely inflate "engagement". I've been offered likes, accounts, and comments for as little as $1, on all major platforms. I tell them to f**k off of course, but I assume not everybody is as honest as me ...
Thomas, you’re a legend for this response. Thanks for being real about how messy the engagement market is
Actually Yes i have !! And i have reported it to Jess and Ben but they are really trying from their side to stop this . But again the attackers are finding new ways i guess.
Thanks for sharing that — it actually helps knowing this isn’t just happening on my end.
Totally appreciate that Jess, Ben, and the rest of the team are actively fighting this. Attackers always adapt, and I get how tough that is on the platform side.
Hey — this is really insightful and kind of alarming. Your analysis makes a lot of sense, and the way you’re using heuristics (username entropy, account age, engagement signals) is smart. I’ve seen similar odd spikes — accounts with zero activity and default avatars are definitely red flags.
A few thoughts / suggestions:
Also: you raised a great question — should we even care about follower counts if they’re so easy to game? My take: yes, especially on a developer platform. For people building in security, data, or research, those vanity metrics can feel misleading and even risky.
Thanks for flagging this early — it helps the community stay vigilant. 🙏
github.com/GnomeMan4201/devto-bot-...
devto-bot-audit scans your Dev.to followers and flags accounts based on behavioral signals and profile entropy. No cookies or browser automation required — just your API key.
Note: Before posting about this publicly, I did try to raise the issue privately with the Dev.to team. I’m sharing this tool now to support others who may be seeing similar patterns and want visibility into what’s happening on their own profiles.
It’s not a silver bullet — but it’s a step toward transparency. If you’ve noticed a spike in inauthentic followers, this will give you the raw data.
I've seen this before.
I assume most of my followers are bots from a wave a few years ago.
Yeah, I don't want to be a maintainer these days. It's a lot of work to fight them off.
On the other hand Dev.to did a good job in preventing shit posts. I feel there are less low quality AI Posts (or they got wayyy better). Also there are less spam posts. I like that.
Will keep a lookout for this pattern. Only have about 7 followers and the 2 I recently gained look legit. I also think it’s important to blow the whistle when discovered, so this doesn’t turn into X.
Thanks for keeping an eye out — that’s exactly what I’m hoping more people do.
Even if someone only has a handful of followers, small anomalies are often the earliest signal something larger is happening in the background.
My spike wasn’t just sudden — it has a pattern:
zero-post accounts
generic usernames
default profile pics
all created within a very tight timeframe
That’s why I figured it was better to raise the flag early rather than let it quietly snowball the way X did.
If more of us call out weird patterns as they happen, Dev.to has a better chance of catching things before they become systemic. Authenticity is what makes this place valuable — especially for people building real work and reputations here.
Appreciate you chiming in
If anyone's curious, here are some of the actual signals platforms use to detect coordinated automation (from a security research perspective):
I'm not saying DEV implements all of these—just that these are signals mature platforms monitor. Given the follower spike several of us experienced, it raises some interesting questions about detection gaps.
Some comments may only be visible to logged-in visitors. Sign in to view all comments. Some comments have been hidden by the post's author - find out more