How to avoid some of the Twitter phishing scams

Posted on by Mark

Recently, there has been a new phishing attack on Twitter..It all starts when you get a message saying.. Is this You? or this is funny? with a link in it.. You click on that link to see what the message is all about..

You arrive on what looks like your Twitter log in page… wrong…You then give that page your user name and password… Bingo.. They now have your Twitter account information..

Then via your account, they start sending direct messages to all of your followers of some unsavory pornographic material.

So how can you minimise the risk of being compromised?

Firstly, treat your Twitter username and password with the same strict caution as all of your other pin numbers and credit card details.

Be suspicious of any messages that come through of this nature.. The ‘hiya how are you’ or hiya this is you’ variety, with links in especially as they are coming from strangers.

I use Hootsuite to manage my Twitter life. One of the really cool features it offers, is that I can preview any URL’s before I click on them. So I simply hover over the link, it then informs me what is ‘behind’ the shortened URL before I click on it..

How do I find out if I have been compromised?

One, people will start calling or messaging you to ask you if you were now in the porn industry… Or go to your Twitter home page, from there, click on the direct messages tab on the right hand side… Then look at direct message sent… anything unusual will appear there…

What should I do If I have been compromised?

The first thing to do, is immediately change your password.. That will stop messages going out. Then I would send out a message telling all that your account was compromised, and that any unusal messages were not in fact from you.

If you do have to change your password, any 3rd party applications should be logged out before hand.. You will then need to add the new passwords to them.

What can we all do?

We can all tell peeps when they see messages that are out of character with the peeps that we are following. Which brings me onto the peeps we are following…

If you are following tens of thousands of followers, then you really don’t have a clue on what or who they are… I would certainly refrain from auto following, and cull many that are obviously not the sort of people that you may want to follow.

Not only do these rules apply to Phishing scams, but to many of the ‘get thousands of followers’ in 20 minute type applications.. be warned.. dont give out your Twitter username and password..

Thanks for reading this article. Remember for sign up for my free daily top Twitter Tips delivered straight into your inbox. Simply email: twitterverse@aweber.com

One Response to How to avoid some of the Twitter phishing scams

  1. Dave O from HootSuite says:
    01/03/2010 at 8:14 pm

    Thanks for sharing these tips to help protect unwitting Twitters from nefarious schemers and of course, thanks for using HootSuite.

    Along with the URL preview, HootSuite’s built-in link shortener also compares URLs with Google’s malware/badsite list and presents a cautionary warning when a link matches.

    We posted a bit more about this on the blog:
    http://blog.hootsuite.com/hootsuite-fights-malware-phishing/

    PS We’re sending the Olympic flame from Vancouver to London, take good care of it ;-) .

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>