Account has been widely used as the user identifier in WEB applications suck as Social Networks (SN), Instant Massager (IM) and E-Commerce. At present, most researchers focus on the social network attack detection which includes spam and fake accounts detection among SN envrionment. Obviously, current works are unable to cover all related fields and put forward unified description to the study objects. In order to solve these problems better, in this paper, firstly, we propose that the account is the only study object, and define malicious accounts controlled by attackers executing abnormal behaviors as manipulated account. Then, we classify the manipulated account according to the degree of control they suffered so as to categorize the detection methods by different kinds of manipulated account. Moreover, a statistical methods to classify the account have been promoted to verify the existence of manipulated account. Finally, we discussed some challenges and show some prospects about this area.