In the last few days, I have seen the effect of a Twitter worm spread rapidly through people’s Twitter accounts. In the last fortnight, I have seen a 20x increase in the amount of spam Direct Messages (DMs) I am receiving, and 95% of these spam DMs have arrived from people who were unaware that they had sent them. If you have been unfortunate, the most likely way your Twitter account has been compromised is either through giving your Twitter password and user ID to a dodgy Twitter application, or by clicking on a link sent to you in a Direct Message.
If you have discovered that your account has been hacked, complete the following steps:
1) Switch off tweetdeck and Hootsuite completely (if these are running in the background after you have reset your password, you will be locked out of twitter for a few hours)
2) Delete any cookies from your system and clear your browser cache
3) Download and run this free (but very powerful) virus scanner: http://conduit02.geekgalaxy.com/mbam-setup.exe (choose the quick scan option)
DO NOT skip this step. One of my twitter followers found that the twitter bug had disabled the security centre on his computer.
4) Now that you have removed any potential nasties on your machine, go into Twitter
5) Click on the Settings link, click the Connections tab and remove any Twitter applications on the list that you do not use on a daily basis
6) Now change your twitter password
7) When you first go into tweetdeck or hootsuite you will need to change your Twitter password to your new password
8) Report your problem to Twitter
To protect yourself in the future, do not give any Twitter applications your Twitter password – use the OAuth sign-in method… and don’t click on any links in direct messages for the foreseeable future.



16 Comments
excellent advice, thank you
So far I’ve been lucky and not been caught out by this twitter worm. I was getting tired of tweeting to people how to rid themselves of their twitter gremlins, so thought the best way to help more people was write it all out in a blog post.
Good advice, as always, Heather.
Just one thing, anyone using a Mac won’t be able to make use of the virus scanner under the Mac OS.
I saw these spam messages begin to proliferate and decided to protect myself by going in and changing my Twitter password. I recommend that every user changes their password regularly, preferably with one that is at least 8 characters long and containing a mix of letters, numbers and symbols.
That’s terribly boring tedious and dull but essential. On the Mac you can get 1Password to generate and store in encrypted form passwords. I think there’s probably something similar for Windows. Don’t rely on your browser to do it all for you!
Great advice. I’ve noticed a surge in DMs over the past few months. I refuse to open up a link on a DM; if I know the person I’ll ask them to send me an email with the link. I also use to twitter apps and never give out my log-in information. Too many bugs on the web.
I have a mac, have changed my password twice, and cleared the cache, but am still sending DMs to people unwittingly. Any advice?
Hello Sue,
Really sorry to hear about your problems. I am not a Mac owner, so not quite sure what the best course of action for you to do is. However, I suspect that you have given permission to a twitter application which is sending out the DMs on your behalf.
I would suggest you delete all the twitter applications (go to settings, and select connections), delete every application apart from possibly tweetdeck or hootsuite. On your mac run a virus scan to see if anything has left a little bit of malware on your mac – unlikely as it is a mac, but still a possibility.
Then clear your cache, cookies and change your passwords.
If that still doesn’t work, speak with an IT professional that supports macs.
Good Luck & let me know whether that works or not.
Just a couple of techy points. The program you are downloading is not an anti-virus, but an anti-malware program.
In addition the download from the site given above is out of date. (Although it does update) You would be better off downloading through:
http://www.malwarebytes.org/mbam.php
Which will always give you the latest version.
In addition it is worth checking the anti-virus software you are running and how often it updates. These days software should check at least once per day for updates, many programs will search more often.
If you are not running anti-virus software (does anyone not these days?) there are plenty of free programs which work as well (sometimes better) than purchased software. AVG free or Avast are just two, there are more. Check license details if you plan to use them on a work machine as most will require you to pay.
As yet there are no viruses that affect both PCs and Windows so if this worm is affecting PCs it won’t affect Macs. There are very few Mac viruses so opinion in the Mac community tends to be split on whether you need AV software on a Mac. If you feel the need Avast do a Mac version of their software.
As mentioned above programs exist that can generate and store passwords for you. I use Roboform which also fills in forms for me (useful protection against key logging viruses which record keystrokes to get bank details and passwords).
Wait did I say just a couple of techy points….
Thanks Andrew – on the advice of my IT support person, I don’t run any anti-virus software on my machine.
I run windows vista & unless I click on a dodgy link & ask a virus to download onto my machine, I wouldn’t get any viruses on my machine.
In fact my machine is running faster and more reliably since I removed McAfee from my machine.
Very helpful advice Heather. Having been hacked yesterday I appreciated your pointers and have done as suggested re twitter account – I’m on a mac so did not run the antimalware program.
The only thing I can’t work out – despite checking the help page on my twitter account is HOW to: Report my problem to twitter. Any further tips please?
Thanks Mark.
You need to submit a support request. The only link I found to this is from the troubleshooting section of the help forum – ‘help my account is compromised’
http://help.twitter.com/forums/10713/entries/31796
I hope that helps!
Very cool website, but you must improve your template graphics.
Thank you for the feedback. I will bear your comments in mind, when we next update the look of the website.
I came across your blog, I think your blog is cool, keep us posting.
I want to start my first site, what blog platform do you use and recommend for me ?
wordpress
Great info, thanks for useful post. I’m waiting for more