Twitter spam and phishing attacks are on the rise, which is unfortunate because it’s causing a lot of people to lose friends, oftentimes unknowingly. For instance, last night I received nearly 25 spammy DMs, all of which were from people that I don’t talk with on a regular basis. It left me in an awkward position because I didn’t have time to DM them all back to give them an update, but I knew that most of them were probably losing followers by the hour.
It all started with auto DMs and Mafia Wars games. People would sign up, give access to the application, and then it would DM spam every one of their followers until either they all unfollowed them or they removed the application.
From there, it moved to more sophisticated attacks, such as the recent “Hey, is this you?” type of messages. There’s also the “hey, check out this I.Q. quiz thingy.” Although the messages might seem harmless, they are actually bait to get you to click the link, give up your info, and then let your account be used against your will in the same way as before.
In the future, you can expect things to get worse unless you do something about it. That’s why I want to educate you here, because it’s spam like this that can open your account to virus attacks, malware, or worse.
1. Don’t click DM links unless they are from someone that you talk to often or that you trust won’t fall prey to these attacks. If you see the same message over and over again, it’s a phisher. If you aren’t sure, then send a DM back and ask about the message. Most of the time, they won’t even know they sent one.
2. Check your outbound DMs on a daily basis to make sure you aren’t spamming people. If you are, head to the next step.
3. If you do find your account compromised, then change your password immediately. In fact, it’s good practice to change your password often to avoid things like this. If your account does become compromised, it’s possible that you might lose access completely. If this happens, you’ll either have to appeal to Twitter to save your account…or you’ll have to start over from scratch.
4. Check your application preferences to see who you’ve allowed to access your account. Click on Settings -> Connections to get that menu. If you can’t tell which application is using your account to spam others, then remove each one and start over. Only give access to programs you trust. Only use applications that use OAuth to access the Twitter API. If an application doesn’t offer OAuth, then go elsewhere.
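The "same message over and over again" test from step 1 can be automated. The sketch below is an added example, not code from this post or from Twitter: it assumes you already have your DMs as (sender, text) pairs, and the sample inbox and account names are constructed for illustration.

```python
import re
from collections import defaultdict

URL_RE = re.compile(r"https?://\S+", re.IGNORECASE)

def normalize(text):
    """Reduce a DM to a template: links replaced, case and punctuation ignored."""
    text = URL_RE.sub("<link>", text.lower())
    text = re.sub(r"[^a-z0-9<> ]+", " ", text)
    return " ".join(text.split())

def find_repeated_link_dms(messages, min_senders=3):
    """Return {template: sorted senders} for link-bearing DMs that arrive
    with the same wording from at least min_senders different accounts."""
    senders_by_template = defaultdict(set)
    for sender, text in messages:
        if not URL_RE.search(text):
            continue  # no link, so there is nothing to click
        senders_by_template[normalize(text)].add(sender)
    return {
        template: sorted(senders)
        for template, senders in senders_by_template.items()
        if len(senders) >= min_senders
    }

# Constructed sample inbox (hypothetical senders and links).
SAMPLE_INBOX = [
    ("alice", "Hey, is this you? http://example.com/a1"),
    ("bob", "hey is this you?? http://example.com/zz9"),
    ("carol", "Hey, is this you? http://example.net/q"),
    ("dave", "Lunch tomorrow? Menu: https://example.org/menu"),
    ("erin", "hey, check out this I.Q. quiz thingy http://example.com/iq"),
    ("frank", "Thanks for the follow!"),
]

if __name__ == "__main__":
    for template, senders in find_repeated_link_dms(SAMPLE_INBOX).items():
        print(f"{len(senders)} accounts sent: {template!r} -> {', '.join(senders)}")
```

The senders it lists are the people to warn that their accounts are sending spam. Running the same function over your own outbound DMs with `min_senders=1` gives you every link you sent, which is the daily check from step 2.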
The problem with Twitter spam is that it often kills someone’s credibility, and unless someone is kind enough to tell you that you are spamming them, you’ll see your follower count dwindle without a clue as to why.
The best way to protect yourself is just to be smart and use common sense. If you see someone caught in a spam attack, let them know before you drop them. If that doesn’t work, then kindly move on. Remember, if the link looks suspicious, then it probably is.