How To Avoid Being Hooked By Phishing Scams On Twitter

Over the weekend I received over 20 phishing scam direct messages from Twitter folks I know. Frankly, I’m surprised it took so long to see phishing scams on Twitter.

Twitter has not been hacked.

What has been hacked is human nature. These phishing scams use the same psychological approach that’s been used for years:

Create desire in the user that will motivate them to click on a link and enter their username and email. Typically this desire will feel gossipy and/or sensationalistic.

Here are a few direct messages I received:

“Getting paranoid. WTF kind of a site is this?”

“hey look at this funny blog”

And my personal favorite:

“Hey, I can’t believe they put your picture on this blog!”

Two Rules of Thumb

1. If the website asks for your username and password (and “twitter” is the subdomain rather than the main domain), chances are you’re being phished.

2. If reading the direct message feels similar to reading the World Weekly News (gossipy and/or sensationalistic), chances are you’re being phished.

The moral here? Use your smarts.
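
Rule 1 written out as a check, as an added example that is not part of the original post: it parses a link the way a browser does and reports whether “twitter” is the real main domain or only decoration. The function name, the constants and the sample links (which use the reserved `.example` names) are constructed for illustration.

```javascript
// Added example: the constants and sample links below are constructed.
const BRAND = "twitter";
const REAL_DOMAIN = "twitter.com";

// Returns "genuine", "lookalike", "unrelated" or "invalid" for a link.
function classifyLink(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl); // same parsing rules a browser applies
  } catch (err) {
    return "invalid";
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    return "invalid";
  }
  // hostname is lower-cased by the parser and never includes a "user@" part;
  // drop the optional trailing dot of a fully qualified name.
  const host = url.hostname.replace(/\.$/, "");
  // Genuine only if the main domain itself is twitter.com.
  if (host === REAL_DOMAIN || host.endsWith("." + REAL_DOMAIN)) {
    return "genuine";
  }
  // The brand as a subdomain, inside another name, or placed before "@"
  // is decoration on someone else's site.
  if (host.includes(BRAND) || url.username.toLowerCase().includes(BRAND)) {
    return "lookalike";
  }
  return "unrelated";
}

// Constructed sample links, one per case the rule has to get right.
const samples = [
  "https://twitter.com/login",            // the real site
  "https://mobile.twitter.com/",          // real subdomain of the real site
  "http://twitter.login.example/session", // "twitter" is only a subdomain
  "http://twitter.com@login.example/",    // "twitter.com" is only a username
  "https://nottwitter.com/",              // brand buried in another name
  "https://blog.example/funny",           // nothing to do with Twitter
];
for (const link of samples) {
  console.log(classifyLink(link).padEnd(10), link);
}
```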

More info on the most recent Twitter phishing scam can be found on the Twitter blog and in an article called “Security Issues in Social Media Shouldn’t Put Nonprofits Off Networking Online” on the Wild Apricot blog.


  • http://isabeljoelyblack.wordpress.com Joely Black (@TheCharmQuark on Twitter)

    Good tips. I didn’t get any of the DMs, of course. Basically playing on the desire you have to see yourself up on display in a public place, I suppose. There was an app on Facebook that did it to advertise. “Your friend just posted a new photo of you! Find out who!” And of course none of my friends have photos of me to post, so…

    I’ve always taken the advice not to click on links in emails and to check the subdomains, but it’s amazing how many people get caught out. We’re very trusting.

  • http://www.How-To-Twitter.info Daiv Russell

    I’ve been hammered by the phishing attacks in droves. Twitter lets you broadcast little tweets to everyone who’s on at the time. The problem is, it would seem that not everyone understands how it works, or the instructions are too complicated for those who aren’t computer savvy.

    I was working on a video course to introduce people to Twitter – helping them get started, or to help others get started who they wanted to introduce to the addictive world of Tweets become one of their Tweeps.

    I’ve decided to change my filming schedule around a bit and do a piece on Phishing that I’ll be giving away, rather than charging for it. I think it’s the “responsible” thing to do.

    The site’s not up yet, but it will be http://www.Using-Twitter.com by the end of the day. I want everyone to be able to avoid this and keep Twitter a most excellent place for people to hang out, socialize, and network.

    - Daiv http://Twitter.com/DaivRawks
