Sunday 31 July 2011

Keeping your Twitter account safe from hackers

Have you ever logged in to Twitter and seen that a friend has been sending strange tweets  and direct messages? Or worse still, have you logged in and found that YOU have been sending them and upset some of your friends - even though you weren't online at the time? Or maybe you suddenly find that you have followed people you have never heard of, or unfollowed some of your best friends?

One thing you can be sure of: as soon as somebody opens an account of any kind - an email account, a Twitter account or a Facebook account - somebody else will try to get control of it. Sometimes for criminal purposes such as identity theft, sometimes to try to get free advertising for their dodgy services, and sometimes to cause as much hassle as possible to as many people as possible. But as often as not, they do it simply to prove that they CAN. And while we  may wish the perpetrators would go and get themselves a life, we still need to deal with the trouble they have caused.

So how can you prevent it happening?

The number one rule is not to click on any links unless you are 100% certain where they are going to take you. Now if  you are a comper, you will be used to me saying "Click on the link in the tweet to make sure you have read the full instructions". No, I am not contradicting myself! If a tweet is clearly a competition tweet, then the link in it is safe. But if you get a tweet that has nothing BUT a link in it, even if it appears to be from your very best friend, STOP!!!! Don't click until you have checked with them whether they really sent it and what it is about.

Sometimes there won't be just a link, there will be a message saying "Is this you in the photo?" or "You have been mentioned in this blog" or "See who has been viewing your profile". All these are designed to lure you to sites where you will grant the application authority to access your Twitter profile before you can see the photo/blog/list in question. Then, of course, the photo, blog or list will be fake but the hacker has access to your account - authorised by you! - and can start sending messages from it.

So the next rule is: don't authorise any application unless you are 100% certain that it is a genuine application that will be useful to you. There are some wonderful applications out there that can really help you to manage your Twitter account, but make sure any you use has  been recommended to you by a reputable source. And  GENUINELY  recommended by them - not tweeted from their account by a hacker pretending to be them.

What should you do if you are hacked?

First of all, let all your followers know and warn them not to click in the links in any unusual messages you may have sent them.

Next change your password. To do this, go to your twitter home page and click on the arrow beside your name at the very top right, then choose "Settings" then "Password". The harder your password is for you to remember, the harder it is for a hacker to guess! So make it more complicated than your old one by mixing letters and numbers and not using a name or a recognisable word.  Don't forget that if you access Twitter through another application, such as Tweet Deck, or on your phone, you will need to change the password there as well.

Now revoke authority to all applications but the ones you know you use regularly. To do this, still on the Settings page, choose the "Applications" tab and click on "Revoke access" next to all the ones you want to remove or don't instantly recognise. It's OK to be quite ruthless about this as you can easily re-allow ones you revoke accidentally - they will simply ask you for authority next time you try to use them.

Finally, make your computer forget! Log out of Twitter (and remember your new password for when you log back in) then clear your cookies and history (in Internet Explorer you do this from the Internet Options menu under "Tools" or the little cog wheel) and, if you have time, restart your computer so that when it starts up again, it will have forgotten that your account was ever compromised!

I hope you never have to do any of this - but remember this page just in case you should ever need it.

No comments :

Post a Comment

Note: only a member of this blog may post a comment.