If you’ve ever logged into Twitter, but didn’t check the URL to see if it really said Twitter.com in it, you may have logged into a fake site which stole your password. Which can make you very confused and angry!
Urgent UPDATE FROM TWITTER
If Twitter has detected that you have sent links to a fake Twitter site that steals passwords, they assume you have been hijacked. So many people have recently had their passwords stolen thatTwitter is AGAIN resetting passwords on many accounts. Read on to learn more:
https://twitter.com/safety/status/128951993728372737
What Can I Do If Twitter Doesn’t Reset My Password?
If you see tweets or DMs going out that you didn’t create, or if someone tells you that you make be sending hijacked messages, change your password and revoke any apps that you don’t need or don’t recognize (you’ll need to be logged into Twitter.com to see this page https://twitter.com/login?redirect_after_login=%2Fsettings%2Fapplications ).
How Does This Happen?
Once your account has its password stolen, it is commonly used to send messages to your followers with links to fake sites.
Messages sent from hijacked accounts include dozens of variations, such as
• “Someone is saying really nasty stuff about you here”
• “Automated DM, You are tweeting too much”
• “Read this, it says really bad stuff about you”
• “Saw a real bad blog about you”
• “Lol! Is this you in this pic?”
If you’ve ever clicked on a link from one of these messages, you will have found yourself at a fake Twitter login page. If you didn’t wonder “why am I being asked to login?” or look carefully at the URL, and went ahead and logged in, your password was stolen
How Can We Prevent This In The Future?
Twitter deactivates bad URLs in links as soon as it realizes they are bad. Unfortunately, the bad guys keep changing the links.
One of the best ways to stop this is to let anyone know who sends you a link like this that they have been hijacked, and direct them to this blog post or to http://bit.ly/accountamiss. We need to help one another!
It’s important to teach people that spam-like messages might NOT be from spammers, but from innocent accounts that had their passwords hijacked. So when you see such a message, you may want to let the person know they’ve been hijacked.
How Else Can My Account Be Compromised? Fake Emails “From Twitter”
First, if you think you’ve gotten an email that appears to be from Twitter.com but looks suspicious, forward it to spoof@Twitter.com. You’re helping catch and stop the spammers.
Never open an attachment or install any software from an email that claims to be from Twitter; it’s FAKE. Also, Twitter will never email you, direct message you, or @reply you asking for your password.
Friends Or Employees
If you’ve ever left your computer unattended, or had someone who accessed your Twitter account via an app, they could compromise your account.
Apps can remain connected to Twitter even after you change your password.
So if you are firing anyone who accesses your account via an app, you may need to do more than change your password.
Passwords Stolen From Other Sites
Whenever a website is hacked such that the hacker get user passwords, they often then try them on major sites such as Twitter, Gmail, Yahoo, Facebook, and so forth.
You can protect yourself by adding one letter to your password to make it unique for every site you use. For example, if your password is 123!_@Abc, simply make it 123!_@AbcT for Twitter, 123!_@AbcF for Facebook, etc.
No comments:
Post a Comment