Yesterday it was revealed that Twitter was hacked by a Turkish computer expert who posted details of a loophole that allowed users to ‘force’ others to follow them.
Worse still was the fact that as Twitter struggled to rectify the situation, it temporarily removed subscriber’s followers. Celebrities found themselves in the traumatic position of being unpopular…at least for a while!
On the flip side, the bug enabled millions of people to force celebrities, such as Lady Gaga, to follow their tweets simply by typing “accept@ladygaga”.
Farcical though the story was, it did highlight three major concerns that users should be mindful of:
1. While this attack was relatively harmless, the attacker could have directed users to a page full of drive-by downloads and exploits
2. Social networks are inherently viral, they multiply all by themselves. Just last week AVG discovered a variety of Facebook apps that were spreading via Friend lists to install adware
3. The web is the current attack surface of choice. You should be running some type of dedicated webscanning programme to help guard against harmful links.
So, how can users protect themselves against these types of hacks?
Limit what you say
It’s easy to tweet about where you are and what you’re doing, but do you think about who is listening? What might seem like a harmless comment initially could be used to piece together a picture of your whereabouts and plans! Unless your tweets are protected, they are going to be out in the public domain. Fraudsters can use this information in many ways!
Be careful what you click on
Be suspicious about links that you are sent and that are posted. Many people use URL shortners on Twitter so it is often very difficult to check what you are clicking on. AVG Linkscanner can help check suspicious links, but remember if in doubt, don’t click!
Be vigilant
Watch out for suspicious activity in your tweet stream and inbox. If you start receiving strange messages or your friends are being unusually spammy, it might be worth double checking their account hasn’t been compromised.
Think before you tweet
Remember the whole world can see what you write and even though tweets can be deleted, they are still searchable. Don’t tweet when you’re drunk/angry/emotional, while it is funny thinking about it the consequences are often not as amusing. Additionally, by including ‘hash tags’ increase the search for your chosen term so spend time considering exactly who will be searching for your tweets.
Don’t be too trusting
You can never be sure the stranger you ‘networked’ with via Twitter is who they say they are. Don’t be easily befriended by strangers on Twitter who may not have your best interests at heart.
Check third party applications
There are hundreds of applications out there for Twitter, before signing up to one of these check they are safe. You can do this by looking for mentions of the tools on trusted sites. Remember that the apps generally require your password and log in details so be extra cautious on sharing this information.
The same basic rules that apply to other social networking sites can also be applied to Twitter, so don’t forget the following too
Password information
Use different passwords, or even better still, set up separate email accounts for your social networks, that way if you stop your account you can easily delete the email account too. Be mindful of where you are sending your updates and the types of security questions you set.
Signing in
Check your browser settings on your computer, so that your information is not stored for anyone else to see if you are on a shared computer!
Watch out for phishing attacks
As Twitter gets more popular the likeliness of phishing attacks grows. Be aware of attempts to get users to give up their login and passwords by tricking them with fake tweets and direct messages.
Being mobile
Be mindful about who might have access to your mobile phone. If you have a Twitter application, make sure you log out once you’re finished with it.
For more information on how to protect yourself online, visit: www.avg.com
Roger Thompson is Chief Research Officer for AVG
0 comments so far
There are no comments for this post yet. Why not be the first by filling out the form below.