How to prevent your Twitter account being hacked!
Every day we see more and more charities and non-profits whose Twitter accounts have been compromised and have started sending Direct Message spam to their followers, who then become infected in turn. Some may say hacked, although this isn’t entirely true.
Here is how your account is being compromised and how to prevent it from happening. Please forward or tweet this article: the more of you who know how to prevent this, the quicker we as a community can bring a halt to it.
The attack is a confidence trick and works in two parts.
Part 1 – I trust the people I follow and the people who follow me.
An already compromised account sends you a direct message that looks something like one of these.
- lol, this is funny.
- lol, is this you?
- What’s your IQ?
- Take This Quiz!
- Win an iPad / iPhone or other gadget!
Or variations on the above themes. They all have one thing in common: they aren’t specific to you! That is a big clue. A real message wouldn’t be so short and would contain more information or a comment from the person sending it to you. The URL used is also odd, and is not one of the Bit.ly or TinyURL links that many Twitter users use, which is another clue that the message isn’t genuine.
Part 2 – It looks like Twitter.com so it must be Twitter!
The second part of the confidence trick involves the URL added to the message (I removed them from the above examples to protect you). When you click the link, believing you are about to see a video of yourself or take an “IQ test”, you are presented with a duplicate of Twitter.com.
Your first instinct is to consider what you see to be the truth: if it looks like Twitter.com, it must be Twitter, right? Wrong! A nasty scammer has made a duplicate of the Twitter site but is hosting it on their own server. When you log in, they copy your Twitter username and password and forward you on to the real Twitter.com.
You’re none the wiser. You may be a little confused as to where the “IQ test” went, but you will probably pass it off as a glitch and think nothing more of it.
You’re now part of the problem: your account is sending fake messages to your followers, and the cycle starts all over again!
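The clue in Part 2 is the address, not the look of the page. As an added example (not part of the original article), this is one way to check whether a link really leads to Twitter. The trusted host list and the sample links are assumptions constructed for illustration.

```javascript
// Added example: does a link really lead to Twitter, or only look like it?
// TRUSTED_HOSTS is an assumption made for this sketch, not an official list.
const TRUSTED_HOSTS = ["twitter.com"];

function checkLink(link) {
  let url;
  try {
    url = new URL(link); // parses the link the same way a browser does
  } catch (err) {
    return { trusted: false, host: null, reason: "not a valid absolute URL" };
  }
  // Strip a trailing dot so "twitter.com." is treated like "twitter.com".
  const host = url.hostname.replace(/\.$/, "");
  // "https://twitter.com@other.example/" shows a familiar name before the "@",
  // but the browser connects to whatever comes after it.
  if (url.username || url.password) {
    return { trusted: false, host, reason: "text before '@' is not the site" };
  }
  // Exact match or a true subdomain. A substring test would wrongly accept
  // "twitter.com.other.example" and "nottwitter.com".
  const ok = TRUSTED_HOSTS.some((d) => host === d || host.endsWith("." + d));
  return ok
    ? { trusted: true, host, reason: "host belongs to Twitter" }
    : { trusted: false, host, reason: "host is not Twitter" };
}

// Constructed sample links (the .example domains are placeholders).
const SAMPLE_LINKS = [
  "https://twitter.com/login",
  "https://mobile.twitter.com/session",
  "https://twitter.com.login-check.example/",
  "https://twitter.com@login-check.example/",
  "https://tvvitter.example/login",
  "https://tw\u0456tter.com/login", // Cyrillic "і" in place of Latin "i"
];

for (const link of SAMPLE_LINKS) {
  const r = checkLink(link);
  console.log(`${r.trusted ? "OK    " : "REJECT"} ${link} -> ${r.host} (${r.reason})`);
}
```

Only the first two sample links are accepted; every look-alike is rejected because the check compares the parsed host name rather than what the link text or the page looks like.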
Stop the rot, don’t click the link!
OK, so now we know how it happens. Preventing yourself from getting caught out is really simple: don’t click the link in the first place. If you get a DM with a link in it, DM the person back and double-check they really sent it.
This is especially true if you weren’t expecting a link from that person or have had little contact with them for a while.
Remember, this attack can only work if users keep clicking the links and entering their details into these fake Twitter sites. Help your followers and help the Twittersphere: be extra careful with links sent to you via direct messages.
The alternative is damage to your brand as your account infects more and more of your followers. If your account has been compromised, change your password or request a password reset from the Twitter support site.