More and more of us are receiving strange and sometimes upsetting Direct Messages through our twitter account these days. “This blog is about you” “is this you?” “someone said this really bad thing about you…” Never, ever follow any of the links associated with these messages!
What I find most unsettling is that often these messages appear to be sent by accounts that I follow and value. No – these accounts didn’t cross over to the dark side of Cyber-junk! Most of these attacks are caused by computers that are infected by viruses that have nothing better to do than collecting your personal data and spreading themselves through your Social Media channels like Twitter and Facebook.
Of course your friends or favourite brands didn’t suddenly turn into vicious cyber-criminals. Most will not even notice that their account is spreading dangerous malware. But the damage done by these accounts can be very serious. An attack like this signals that your computer security was breached and that the personal information stored on that computer is potentially vulnerable. A number of your followers will unfollow you or even report you for spreading malware messages.
I am no specialist on Internet security so I consulted the blog of my Computer Support Specialist and friend Cate Eales (@catester). Lo and behold she just published one of her great “hands on” computer advice posts “What happened” about how to protect your computer from these kind off attacks.
I am following Cate’s advice and have changed my security software to her recommendations and (knock on wood) none of the accounts I handle have been compromised so far. Cates post is well worth reading but let me point out two of the statements that I keep repeating to anybody that wants to hear them (or is to polite to leave):
- “Think before you click” If it sounds too good to be true, it usually is. We all learned as kids “don’t go with strangers”. The same goes for emails from strangers or Social Media updates that sound too good to be true. If you are not sure if the offer you are given is genuine or not. Use the power of Social Media and ask the account that sent is for confirmation. Malware can’t read and answer (yet).
- Use a browser add on like “Web of Trust” I love this little helper that puts a little red circle behind every link that was previously reported as untrustworthy. I also use it to qualify new Twitter followers (stay tuned for a webinar and blog post on this)
Now it happened to you – your Twitter account sent out a gazillion DMs asking people to follow a malicious link. You are embarrassed and wade through piles of emails complaining about your messages. You are not aware of any wrong doing and you certainly didn’t open an online business selling drugs.
How could it happen?
- May be a scam was smart enough to lure you in? (don’t feel bad there are scores of programmers that try hard to trick you)
- Someone else using your computer was tricked without noticing it?
- A third party application you authorized was hacked?
What can you do? I found a very good support article in Twitter’s own Help Center
- Change your password – use a strong one with a combination of capitals, lower case, letters and numbers that you aren’t using anywhere else
- Make sure you tell all your programs and trusted applications your new password
- Revoke access to applications that you authorized on Facebook or Twitter unless you use them regularly
- Most of my clients are surprised when I show them the amount of programs they authorized over the years
- Monitor your Social Media platforms daily! Include a look at your “sent tweets” and “sent messages”
- Share what you learned with your friends! Help your friends stay safe and save them from danger. If you receive a suspicious message or see a known scam on someone’s Facebook wall – send them a message and tell them how to protect themselves
Update: Here is a great service that reminds you to check your authorizations once a month and goes through all of them: http://mypermissions.org/