How to Stop the Twitter Hack Attacks

With the rash of DMs and messages from people, it’s obvious that some ratfink A-holes are hacking into other people’s Twitter accounts and using them to DM their followers about weight loss or making money on Google.

If you’re lucky, you’ve only been receiving these DMs. If you’re not, you got hacked.

Michelle Wolverton at ChellePixie wrote a great post about how to recover from these Twitter phishing attacks.

Steps 1 & 2 are the best advice: Stop clicking the links that get you hacked in the first place. No, seriously. Stop. (Erik’s step 3: Are you f—ing kidding me? I said stop it!!)

The problem is, these hacks are not just coming in from phishing links. We’re also being attacked by Twitter apps that ask for OAuth access into our Twitter accounts. Or it’s the older apps that ask for your name and password. It’s something we trusted, and our trust was betrayed.

It’s hard to resist sometimes. You hear about this great new app that will measure your Twitter followers, tell you how popular you are, and will even show you within three decimal places how much Chris Brogan likes you.

But don’t feel bad. Even John Wall of MarketingOverCoffee podcast fame — my favorite marketing podcast — got hacked too. Turns out it was one of several apps he was trying out.

The rest of Michelle’s advice, in a nutshell: clear your disk cache and quit your browser. Re-open it, and change your password, then revoke your OAuth permissions. You know what? Just go read her article, because she covers it much better than I will, and I don’t want her sending me angry emails about stealing her stuff.

The moral of all this? Some people are liars. Or damn liars. Or statisticians. If you were struck by the spam virus/phishing attack/e-demon possession, I’m not blaming you — very much — because you were probably tricked into becoming a victim. But you were tricked because you clicked on a link that came from someone you trusted. Yet, they were tricked by someone they trusted, and so on. You were lied to because they were lied to.

So here are three ways you can avoid this kind of thing in the future:

  1. Don’t authorize any external, third-party apps to access your Twitter account, whether you’re using OAuth or the old username/password method, UNLESS you know for sure that they’re safe. If you’re not sure, ask other people whether they’re using it. Don’t even blindly trust people like Chris Brogan or Jason Falls. After all, John Wall got tricked, and he’s pretty smart. If you’re not sure, play it safe, and just don’t use it to begin with.
  2. If you get a DM from someone, especially a friend, that doesn’t sound like something they would send, email them and ask if they sent it. If you don’t have an email, @reply them and ask. Don’t make them feel bad, just say something like “Just checking: Did you mean to send me a DM about how much money you made on Google?”
  3. Install the Power Twitter plug-in and the Bit.ly Preview plug-in on Firefox (step 4 – Use Firefox, not Internet Explorer). These plug-ins will let you view most shortened URLs to see if they’re really going where they claim. Bit.ly Preview will work on any bit.ly links on any website, and PowerTwitter will do it for nearly any link on Twitter. The latter has saved me from a few links.

Finally, change your password, even if you haven’t been hacked. It’s a good practice anyway, and changing it once in a while is just smart.

19% of Internet Users Are on Twitter

Want proof that Twitter is not just a flash in the pan? Check out the latest research from Susannah Fox, Kathryn Zickuhr, and Aaron Smith at the Pew Internet & American Life Project.

According to their most recent report, 19% of all Internet users are now using Twitter or some other micro-blogging service. This is up from December 2008 and April 2009, when only 11% of Internet users said they used a micro-blogging service. This report follows 10 months after Pew Internet reported that 35% of all adult Internet users have a profile on at least one social network.

In other words, not only are the adult populations on social networks growing, but Twitter and micro-blogging usage is growing as well.

There are three populations who are responsible for this growth: social network users, mobile Internet users, and younger (under 44 years) Internet users.

(Let me first take this opportunity to thank the Pew Internet & American Life Project for recognizing that 42 is still young.)

I was particularly interested in these findings, and the idea that people who are on Facebook, MySpace, and LinkedIn are 35% more likely to use Twitter, as compared to the 6% of Twitter users who don’t use anything else.

The message to marketers, public relations flaks, and crisis communicators is that while you shouldn’t put all your eggs in one social media basket, you are more likely to reach people if you stick with Facebook, LinkedIn, and Twitter, because they’ll be on more than one network.

Find the two or three networks they’re likely to be on, and focus most of your energy on creating deep and wide networks there, rather than spreading yourself out to 8 – 10 different networks and keeping a shallow presence on each of them.

(Hat tip to my good friend Lalita Amos for turning me on to Pew Internet & American Life. These guys are a font of information!)