The micro-blogging Twitter phenomenon has captured global fancy and provided an instant platform for expressing your every thought in 140 characters or less. Unfortunately, Twitter has also captured the imagination of spammers, scammers, and criminals. Here are some Twit tricks you'll want to avoid.
Twitter Phishing Scams
If you click a link in Twitter and it leads to a page requiring you to log in, do not log in.
It's really that simple. If you think the login request is legitimate, open a new browser window and type in the link to twitter.com. Log in to twitter.com via the main page. Then go back to the tweet in question and click the link. If it is legitimate, it should no longer require you to log in with your Twitter account details. If it's a phish, it will still prompt you to log in.
You can also test this by entering completely bogus login credentials. If the page in question accepts those fake login credentials, you can bet it's a phish.
Scammers want your real Twitter login details so they can send similar phishing messages to all of your contacts - using your good name as bait.
Twitter Replies from Strangers
If you receive an @reply from a stranger, don't click any links it may contain. If you simply cannot resist the urge to click, use a Twitter client that lets you hover over any shortened URLs to see the full link. Nambu (for Mac) supports short URL preview; Windows users can preview shortened URLs via TweetDeck.
You can also use longurl.org to preview short links before you click. If you aren't able to preview the links or can't tell from the preview whether it is safe or not, using NoScript with Firefox can prevent malicious JavaScript or XSS attacks. Still, the best defense is to simply never click links sent from strangers.
Trendy Tweets
Spammers are quick to take advantage of hot trending topics. One of the most popular scams involving Twitter Trending Topics is using the interest to distribute scareware links. If you follow Twitter Trending Topics, be especially cautious about clicking any links. Follow the same tips outlined in "Twitter Replies from Strangers": don't click. If you must click, preview short URLs first and use NoScript to avoid malicious scripts and XSS attacks.
Promiscuous Friending
If you are running a virtual popularity contest and insist on following (and being followed by) anyone and everyone, then you're setting yourself up to be victimized. Instead of popularity, what you're really demonstrating is a willingness to receive tweets from anyone - including scammers, spammers, and criminals.
Obviously if you're Ashton Kutcher, popularity (aka fame) is your core business. But take a look at Ashton's Twitter account and you'll find that even though he has millions of followers, he isn't a promiscuous friender - he's following only a couple of hundred in return. And considering Ashton's wide appeal and presumably huge circle of real friends, a few hundred is a drop in the bucket. Take a cue from Ashton - be followed, but only follow those you know and trust.