Spam, viruses and glitches, oh my! You’ve been hacked on Twitter! Well, hopefully after reading today’s post you can avoid such a horror.
Today I bring you a very special guest. I have gotten to know Jay Donovan through the work he does with WANA International. He’s one of those great guys to have handy when you experience technical difficulties.
I run a popular column, “The Mortal Instruments Examiner.” Earlier this year my Twitter account was hacked. Since nearly all my page views came from Twitter and people relied on me for news about Cassandra Clare’s bestselling series,’ this was very bad. I only wish I knew Jay then!
Take it away Jay!
Thanks for inviting me to guest post Natalie! *straightens shirt collar* I didn’t realize there was a dress code.
Natalie and I were chatting about some of the tech challenges she faces living in Saudi Arabia and she mentioned in passing about her Twitter account being ‘hacked’ and being used to send messages.
I can hear some of you asking, “Why would someone want to hack someone’s Twitter account?”
It’s all for money. The hacker’s goal is to make money selling something. The greater the number of compromised accounts they control, the more traffic they generate and the greater the number of people who will buy the product. (That’s why spam doesn’t go away – it works well enough to justify the effort.)
The Twitter hack works like this: A victim clicks a malicious link or runs a malicious Twitter application (I’ll explain this later) which gives the hacker access to their account. Now the hacker posts spammy links on the victim’s tweet stream. The hacker also starts sending DMs with a malicious link to all the victim’s followers so the hacker can take over their accounts too.
The best way to avoid getting your account hacked is to be cautious of any links you click on. If you get a DM from a friend saying “I can’t believe this is you” with a link, don’t click it – especially if the message is grammatically different than normal. DM them back to verify that the link is real or to let them know that their account has been hacked.
Oh no! My account was hacked!
So, you clicked that link DM’d by a friend who said a site had compromising pictures of you? Or you ran a program you thought would just tell you who wasn’t following you back? (Speaking of that Natalie… *coughs* ☺) Unfortunately, the app came with a bonus(!) — the programmer added a “back door” to get access to your account. Crud!
Don’t panic. Don’t even change your password right away. Odds are much higher that your account was compromised because you gave access to a malicious program than them guessing your password. The first thing you need to do is to go through the list of applications that can access to your Twitter account. It’s a very good idea to do this once in a while anyhow.
Here’s how to do it.
1) Open your Twitter account in a web browser.
2) Click the little gear in the top right corner.
3) Click Settings
4) Click Apps
5) Go through the list of Applications and “Revoke Access” on every application you don’t trust. If in doubt, revoke it and then grant it access again later. (FYI, Storify is a great app, I’m just using it as an example.)
6) Now you can change your password. Since apps can’t get your password, I’m not sure it’s needed, but it can’t hurt.
7) Delete any tweets and DMs sent by the hacker. If you know what app caused your account to be hacked, tweet a warning so others can avoid it.
Now that your Twitter account is safe, if you have any questions about Twitter hacks or other Internet Security / Privacy questions, ask them in the comments.
I’m teaching a class on March 28th at 4PM EST covering a wide range of Internet security & privacy topics – including how to best hide behind a pen/stage name. There will be at least an hour of open Q/A time where you can ask me any questions you have. If you’re wondering about some tech thing being plausible in your novel, we can brainstorm it out there. ☺
My class is titled Who Wants to Know? Internet Privacy and Security and you can register at: http://wanaintl.com/event-registration/?ee=125
The class is normally $40. You can save $5 by using coupon code ‘hacking’
Jay has been a geek since before geeks were cool. He’s done it all, from remotely debugging the Internet connection for a US aircraft carrier deployed to *REDACTED*, to being responsible for the servers and networks for one of the largest Internet sites in the world, and the most challenging job of them all – parenthood. He’s trained as a Certified Ethical Hacker (yes, really!) and always uses his geeky powers for good. When he’s not neck deep in wires and computer parts, you’ll find him hanging out on Twitter as @jaytechdad.