Mightybytes - Design Driven Media

5235 N Clark St
2nd Floor
Chicago, IL
60640

P: 773.561.7529
F: 773.561.7548

Posted on

Twitter Phishing Hacks: What to Do

by Stacy

Twitter hacks have been on the rise since October and here are the things to do to protect yourself or recover from a hack immediately:
- log out of twitter
- clear your cache
- close your browser
- log back in
- change your password
- deactivate suspect connections.

We feel dirty cause we got hacked on Twitter.
How do clean-living, intelligent, digital-savvy folks get hacked? It happens.

Our wake-up call this morning was mobile notifications that we (but not us) sent a Twitter DM about an IQ quiz with an unusual shortened link. Thankfully, our posts are about technology and web trends, not IQ quizzes, so most people recognized this as suspect. (Many of whom notified us as such and thank you.)

Action Plan!
We quickly updated our Tweet status with a message that it was a DM hacking and please do not open or click any message from us that morning.
The phishing hack sent hundreds of DM messages. Gulp.
Our mind reeled back into our ‘tweexperience’ yesterday and remembered a DM sent by an industry colleague with seemingly benign verbiage:
“Check this out.” And a shortened URL. (Note: was not a Bit.ly or TinyURL.)

Come to find out, that colleague had been hacked by this DM phishing experience too.
If you have received a suspicious URL via DM or other, Twitter recommends these steps immediately.
Twitter SpamWatch (Twitter.com/spam) still exists as a good resource. The latest post was exactly about the current experience.
“We’ve seen a few phishing attempts today; if you’ve received a strange DM and it takes you to a Twitter login page, don’t do it! 12:59 PM Oct 28th from web.”

Twitter reports experiencing phishing in Jan. 2009 and another round seems to be underway since September, with this recent round re-emerging Oct. 28, 2009. Mashable has some great articles on these hacks with some details on messaging being used.

Twitter quickly responded with new “Report Spam features” that appear in the right column of your followers or who you are following.
Quick resources:
Twitter Compromised Account Help Page
Twitter Reporting Spam Page

How worried are you about safety of URLs in social media? Tell us in a comment.

2 Comments

So how do these work? Is it done through some sort of malware? Or does it all happen in the browser via shady links?

my twitter was hacked. they changed my password and e-mail i believe and can’t log on

Post a Comment