AllFacebook InsideFacebook InsideMobileApps InsideSocialGames SocialTimes LostRemote TVNewser TVSpy AgencySpy PRNewser MediaJobsDaily UnBeige

Posts Tagged ‘twitter phishing’

Check Your Connections Tab On Twitter (Because You've Only Got Yourself To Blame If It’s Full Of Crap)

I had a strange dream last night.

I was on Twitter when news broke on TMZ.com that Oprah Winfrey had died. I read the article, shared the link, and then went out.

This was all in the dream, remember. As it continued, I came back home after a couple of hours had passed and it turned out that TMZ had pulled the story, that it was a mistake, and Oprah was very much alive. However, my “Oprah Winfrey has died!” tweet was still sitting there in all its glory, and had started to generate thousands of really negative reactions. People were calling me a liar, saying I’d obviously put this out just to get attention, and so on.

As it continued, one guy – who was clearly a huge fan of Oprah (Stedman, perhaps) – got so pissed that he hacked into my Twitter account and hooked me up with all the worst auto-tweeting applications on the planet. Suddenly, ‘I’ was sending out all manner of garbage and some really offensive spew – tweets linking to porn, racist gibberish, etc. It wasn’t looking good.

Still dreaming, and as the complaints went from thousands to millions, I became increasingly frustrated at my inability to deal with the problem. The thing was, I knew what I had to do – it was as easy as visiting the connections tab on my Twitter account and revoking access to all the auto-tweeting crap that had been injected into my account.

But, much like those nightmares where you’re trying to run away from the monster but your legs are stuck or simply refuse to work, in the dream I somehow just couldn’t quite get there, and could only watch in horror as my good Twitter name was torn to shreds.

Suffice to say, I woke in something of a fluster.

Silly as it was, the dream had some purpose. This morning, I checked my connections tab for the first time in a while, and sure enough there were a couple of things in there that I didn’t recognise and immediately revoked. Thankfully, they hadn’t started sending out any auto-nonsense to my timeline, but that doesn’t mean that they never would have.

You see, the problem with giving permission on Twitter is it’s forever – unless you do something about it. There are no layers of permission, certainly from Twitter’s end. You’re either in, or you’re out. Sure, some of these apps let you configure your preferences at their end, but it’s easy to overlook this and it’s really easy to grant permission one day and totally forget all about it the next.

(Especially late at night after one or two raspberry daiquiris – but I digress.)

I’ve written about this before, but I needed reminding myself. It pays to check your connections on a regular basis – once a week is a good habit to get into. Certainly, if you find yourself auto-tweeting – which is never a good thing – check your connections first. Ninety-nine times out of a hundred the problem, and solution, will be in there.

As for Oprah – and just in case this article gets misinterpreted and becomes self-fulfilling and wholly ironic – she is, I would like to remind you, still with us.

(Although she hasn’t updated in a while.)

Mediabistro Course

Content Marketing 101

Content Marketing 101Get hands-on content marketing training in our brand new boot camp, Content Marketing 101! Starting September 8, digital marketing and content experts will teach you the tips and tricks for creating, distributing and measuring the success of your brand's content. Sign up before August 15 and get $50 OFF registration. Register now!

Twitter Adds Internal URL Shortener (Twt.tl) To Combat Phishing And Malicious Links

Over at the official Twitter blog, there’s news of a new internal URL shortener that Twitter has added to the platform.

The shortener, twt.tl, cannot be accessed directly at the moment. Instead, Twitter plans to route all submitted URLs through this new service so that it can “detect, intercept, and prevent the spread of bad links across all of Twitter”, adding that even if a link is shared by a different method (i.e., email notification), they will be able to keep the user safe.

Since these attacks occur primarily on Direct Messages and email notifications about Direct Messages, this is where we have focused our initial efforts. For the most part, you will not notice this feature because it works behind the scenes but you may notice links shortened to twt.tl in Direct Messages and email notifications.

It’s worth noting that when you see a URL shortened to twt.tl it doesn’t mean that the contents of that link are bad. One assumes that when malicious data is contained within a link, Twitter will simply re-route the user through to a stop page that prevents them from being affected, hopefully with an explanation as to what happened, alongside some encouragement not to retweet.

More details as they emerge.

5 Ways You Can Stay Safe On Twitter

As Twitter grows in popularity, like Facebook it begins to resemble almost an internet within the internet. Indeed, if Facebook is the second internet, there’s a strong argument that Twitter, even with its relatively slight 25 million users, is the third.

With all the good that comparison brings, it also means a lot of the less savoury elements of the web arrive in abundance, too.

Here are five tips (and the now-compulsory bonus) to help you stay safe on Twitter.

  1. Regularly change your password, particularly during any kind of phishing or XSS exploit. You don’t have to be paranoid, but use your common sense. If there’s any potential  risk to your password at all, why not just change it?
  2. Consider using a URL expander (or software where it comes built-in) before clicking on a shortened link. Most shortened URLs are perfectly safe, but a certain percentage are going to lead you to places you don’t want to go, and might be harmful to your computer. Again: common sense prevails. Do you know the user who shared the link? Do you trust them? Is this the kind of content they typically share?
  3. Be mindful of the things you say, as anybody could be reading. Who’s the worst person in the world that you can think of that might be reading your tweets? Your boss? Your mother? Your fiancée? If you always write with them in mind, you’re unlikely to go too far off course.
  4. If you post under an alias, considering reserving your real name for future use and to protect from identity fraud. You never know when you might hit it big. Even if you think there’s no chance whatsoever, it costs you nothing and takes less than five minutes. Why not do it?
  5. Take responsibility and make sure you’ve authorised all external connections to your account. If something is tweeting on your behalf, most of the time it’s because you ticked a box somewhere. Find that connection, and remove it.

BONUS: This is more of a request, actually – petition Twitter to let us backup our accounts. Currently, there’s no way to do this, which means if something happens to your profile there’s a risk you could lose everything. What if you get hacked, and the exploiter decides to delete everything you’ve ever written, unfollow all your friends, and generally run rampant? Sure, you can start over, but lots of us have a genuine history on the network. All those connections, and all that metadata, could be lost. There are various services that let you save your data offline, but there’s no way to get that back on to Twitter. And the only way I see that happening is if Twitter takes responsibility and provides us with this service.

I’ve made this point a couple of times but it’s worth saying again just in case it didn’t take – there’s no need to be paranoid about using social media. But it absolutely pays to be smart about it, too. And by following the guidelines above you can significantly improve the chances that your Twitter experience is always a good one.