Social Media Logistics: Twitter, Round III. Avoid the Phishing Scams
Across Sunday and Monday of this week, a phishing virus erupted and spread across Twitter. Operating under the guise of a "Direct Message" (a "DM," a private message Twitter users send to one another, in many ways comparable to a 140-character email), the virus quickly and effectively spread spam messages across the Twittersphere.
DMs are often more intimate and certainly less-frequently used than a typical public Tweet. Such being the case, when the phishing virus attacked users' inboxes, in many cases those users automatically mistook it for a genuine message from a close friend and, without thinking, clicked the link embedded in the message "LOL that you??" or "somebody wrote something about you in this blog here."
As Mashable's Adam Ostrow reports, the following cycle occurred: "That short URL asks users to log in to, but one look at your browser’s address bar indicates that it is not Twitter you’re logging into, but a third-party site that looks like Twitter. Once you provide said site with your login details, it DMs your followers, hence creating the viral loop that is the anatomy of a Twitter phishing scam."
The impetus behind the creation of such a virus is that once it reaches a certain critical mass and is circulating at a high rate, the creator will attempt to make a quick (and dishonest) buck by meshing paid-for spam ads into the phishing message. Of course, if the virus is discovered soon enough, the circulation is diminished significantly and quickly, that dishonest buck goes unmade.
So what does this all mean for your business's Twitter page? Is it corrupted interminably? Is your personal information somehow used against you in an identitiy theft scam?
The short answers to these questions are "very little," "no," and "no."
If you discover your small business has fallen victim the this relatively harmless social media marketing virus - i.e. your friends and colleauges pass you a message saying you're DMing spam - you simply have to change your password and the DMs will stop. It's that simple.
However, there is a certain level of mild embarassment you bring onto yourself in falling victim to this virus, and certainly a level of annoyance you've brought to others. We recommend posting a tweet (perhaps several) to this affect as a mea culpa: "Sincere apologies to all for the direct message spam. We fell victim to the latest phishing scam, but have remedied the problem. Thanks!"
How do you prevent a similar mistake in the future? The Three Ships Media team recommends following @safety and @spam for regular information on issues as they develop and periodically checking the Twitter status blog, a regularly updated feed for information on Twitter systems. For more tips, visit Twitter's Keeping Your Account Secure page.
The rule of thumb is: never click links sent by people you don't recognize, and never provide information to a third-party site. If you run into a serious bind, give the Three Ships Media team a call (919.880.9032).
Reader Comments
Comments are moderated. It may take some time for your comment to appear.
There are no comments yet. Be the first to create one!
Leave a Comment