Abstract. Online recommender systems are a common target of attack. Existing research has focused on automated manipulation of recommender systems through the creation of shill accounts, and either do not consider attacks by coalitions of real users, downplay the impact of such attacks, or state that such attacks are difficult to impossible to detect. In this study, we examine a recommender system that is part of an online social network, show that users successfully induced other users to manipulate their recommendations, that these manipulations were effective, and that most such manipulations are detectable even when performed by ordinary, non-automated users.