Twitter Security – It's Everyone's Responsibility

As one who manages several Twitter accounts, both for personal and professional, there are several key security precautions you must be cognizant of when using the popular social networking service. Phishing and spam are alive and well on Twitter, and it isn’t stopping anytime soon. One recent example of why security is everyone’s responsibility, is when the official Verizon Support (@VerizonSupport) Twitter account was compromised and used to send followers a direct message inviting them to take an IQ quiz.

Pictured to the right is a screenshot of the Direct Message (DM) spam that I received from Verizon Support’s Twitter account. Why I follow Verizon’s Support is grounds for another blog entry; the point is, a professional Twitter presence was shattered by their account compromise. What good is a Twitter presence if you’re going to let spammers drive your account?

9 Foolproof Ways to Secure Your Twitter Account

Security is more than Twitter’s problem, it’s yours. If everyone would just think for a moment instead of taking ridiculous IQ quizzes, which are merely fronts for CPA offers, the Internet would be a better place. I decided to share a few security principles that apply to Twitter below.

1. Use a strong password. (And change it regularly). We all know this one, but often we choose a simple password because we are forgetful or merely for convenience for using third-party apps. I know when I joined Twitter, I used a simple password, but once more people got on there, I changed it to a much more secure password.
2. Do not join “get more followers” or “follower trains.” These services are designed like a pyramid scheme, where the only person getting followers is the person (or people) at the top. Not only are illegitimate followers a sign of a Twitter deadbeat, these services will also Twitter without your knowledge. If you’ve used these services, change your password to revoke their access.
3. Be aware of who you authorize your Twitter account to. If you’re not sure who has access to your Twitter account, go to http://twitter.com/account/connections and review the apps and services that can Tweet on your behalf. From there you can effortlessly revoke access.
4. Businesses: Properly train anyone who uses your Twitter account. This includes proper Twitter etiquette, account security and advise them not to click all links that people direct towards them. Also noteworthy to add that knowing which account they’re Tweeting from before Tweeting is a good idea to avoid personal Tweets going out from the business’ moniker.
5. Do not click any links found via DM or Public Reply (@). This is a difficult one to follow on Twitter, considering that it has become a dumping ground for marketers to push their wares to people. Consider that clicking unknown link could result in your account being phished or malware being installed on your machine.
6. Do not take any “IQ Quizzes” or watch videos featuring “you.” The trend in Twitter spam is to engage people to take IQ quizzes and to watch a hilarious video of you. This is often a front for collecting Twitter credentials and to push CPA offers your way, spamming your followers or installing malware on your computer. It’s all junk. If a friend Tweets this to you, warn them their account may be hacked.
7. Don’t Login “Twice” to Twitter. If you click a link and are presented with a Twitter login screen, do not proceed. The same problems with phishing have migrated from MySpace over to Twitter. Don’t be a victim, be aware.
8. Use updated anti-virus software. Some links on Twitter might take you to unsafe pages on the Web. Be sure to use an updated anti-virus for your computer so you don’t end up installing something you regret. For me, I use AVG Free, but you’re pretty much fine with others available on the market.
9. Stop using IE. Even today, Internet Explorer contains many vulnerabilities and performance issues. IE has the great ability to install undesired toolbars that you might not know are running. These toolbars can sniff your credentials and transmit back to attackers. In fact, botnets have sprung up via Twitter. Use Firefox, the world loves you better with it.

So, considering that Twitter is a dumping ground of links lately, you might wonder how you can check shortened links out further. It’s actually easy. For Bit.ly, just append a “+” on the end of it and it will take you to an “middleman” page that will provide stats on the link including the destination URL. For other shortened URLs on Twitter, you can verify links through TweetDeck, where an option exists to show you link details when you click links. Very helpful!

Don’t be a victim, be aware of what’s going on. Very quickly, Twitter has become the “Aol.” of social media, resulting in unsavory activity taking place within, causing people to abstain from using the service even more. Twitter’s security is not isolated to Twitter alone, it’s basic security principles that include the likes of Email security, Facebook security and of course, MySpace security.

Do you have any Twitter security tips? Let me know and I’ll add them to the list.