Tuesday, 11 October 2011

Twitter Spam & How to Avoid It

There has been a recent wave of Spam on Twitter.

The main way the spammers use Twitter is by hacking into accounts and sending Direct Messages (DMs) to people with links to dodgy websites. The website will ask you to enter your Twitter username and password.

PLEASE NOTE: Twitter will NEVER ask you to download something or sign-in to a non-Twitter website.

You receive the DM and because it's from someone you know you can be tricked into clicking the link and because the website seems like a Twitter log in page you think nothing of it and enter your details.
The recent one doing the rounds was like the one in the example below.
I've hidden the id of the sender to protect them. The tweet reads: "I saw a bad blog about you. Have you seen this?" Followed by the link.

I use Hootsuite to manage many of my social media accounts such as Twitter, Facebook and LinkedIn, which is what I recommend to every one. You don't need to download any software - you just go to www.hootsuite.com.

In the image above you'll see there is a + symbol to the right of the URL in the tweet. If you click on this it expands into a box like the one in the image so you can check the URL and see where it's actually going. In this example you can see the WARNING sign and so you would never click the link.

So DO NOT click any links in DMs unless you were expecting a message with a link from the person and if you use Hootsuite you can check the URL first by clicking the + symbol first.

What to do if you are hacked
On speaking to some of the people I know locally who have had their Twitter accounts hacked I realised that many of them didn't know what to do about the hacking and how to secure their Twitter account.

I also realised that many didn't fully understand why these spammers or hackers do this. So I'm just going to explain and hopefully this will help a lot of people.

If your Twitter account is compromised go to the Twitter support site here: https://support.twitter.com/articles/31796

The hackers and spammers do this to get your password. Once they get your password they can then log in and send more DM spam to other unsuspecting people on Twitter and capture more passwords.
They want your password because way too many people use the same password for other website such as PayPal. If the hackers can get into your PayPal account they can spend your money!

So be warned. If your Twitter account has been compromised make sure you change your password on all the websites where you use the same password. And STOP using the same password for everything.

If you want a brilliant new system for creating and remembering passwords go to the Oxford Internet Institute website here: https://passwordcard.oii.ox.ac.uk/ This is a fantastic system!

No comments:

Post a Comment