Lollipop Local

The Direct Message arrived from someone that I didn’t know but who lived locally.

It said something to the effect of ‘I had such a good laugh when I saw this photo of you’.

And, despite all my training and experience of Facebook spam, I clicked!

At the time I thought that Twitter had already caught it because the link just took me to the home page for Twitter. However, this post from Ray at RESInfo-tech from whom the direct message originally came seems to suggest that the problem lies with Twitter itself and his account was not hacked at all.

The fact that he was following me but I was not following him means that he should not have been able to send me a direct message at all.

Whether it was a hack or not, opening the link and surviving unscathed meant that I was VERY LUCKY! What should have happened was that clicking on that link would allow something nasty into my Twitter account which would proceed to Direct Message everyone on my list of followers with a similar nasty surprise.

The Golden Rule in such cases is: Even if you know the person concerned, if it doesn’t sound right, DON’T CLICK THE LINK!

In any event, as with similar messages which appear on Facebook with irritating regularity, there are solutions to stop the hack from spreading further and precautions that you can take to avoid being hacked in the first place.

Should you start getting complaints from followers about spam from your account, go to the top right of your Twitter profile where you see your picture and name. There is a small triangle which indicates a drop down menu. Click this and then select ‘Settings’.

You will see a tab for Password, which allows you to change your password to something more secure. Make sure that it includes both capital and lower case letters, plus a number and, if allowed, a symbol. Harder passwords make it much more difficult for the hack to take place in the first place.

Best practice suggests that it is wise to change your passwords frequently but I know that many people struggle to remember them all – Keepass is a really helpful aid for this, an online depository for all such data which requires only one master password.

The final tab is for Applications. Go through these and ‘revoke’ the permission on anything new or suspicious and any that you have not used for a while. Hopefully, this will eliminate the problem but, if it doesn’t, it could be something that you use more often which has itself been interfered with.

Share This Content Tweet

Subscribe to Updates

This entry was posted on Saturday, September 17th, 2011 at 12:34 pm and is filed under Social Media, Twitter. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.