We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,131 News Articles

Twitter security threats explained

Think Tweeting is harmless? Think again


While Twitter can be good for keeping up-to-date on the activities of your pals and colleagues, it's also a hackers dream. We look at the threats web users may encounter when using the micro-blogging service.

Follow me,please

A frequent goal of Twitter users is to build an audience; some people rate their profile a success if it has hundreds or even thousands of followers. A site called TwitterCut advertised that it would dramatically increase your base of followers-if you gave it your user name and password. Most security vendors deemed it a pay-per-click scam.

People who fell for the scam saw their Twitter accounts later used in a phishing attack, in which anyone who visited a link in the tweet wound up downloading a malicious PDF that then attempted to install a fake security product if the PC lacked the latest Adobe security update.

Gone phishing

Most Twitter phishing attempts, however, are more straightforward. Twitter routinely notifies users of recent followers by email, often with a link to the follower's profile. Recent phishing attacks spoof that email and contain a link to a faux Twitter log-on page.

Another variation sends out the tweet, 'Hey, check out this funny blog about you'. Clicking the URL takes the victim to a fake page. No matter how good the site looks, examine the URL, and think twice about entering info-especially if you are already logged in to Twitter.

Bad guys have tried more-subtle tactics, too, such as the porn-name game. According to the game, to create the name you'll use during your adult-film career, you take the name of your first pet and combine it with the street you grew up on, your mother's maiden name, or the model of your car.

Recognise those things? They're common security questions. By tweeting your answers, you could give away access to your Twitter account - or even to your bank account.

Some of the emerging security rules for using Twitter are common sense. Just as you wouldn't leave a phone message saying you'll be out of town, don't tweet your vacation plans.

And please don't share your location if you're a US congressperson going on a confidential overseas trip.

Just ask Representative Pete Hoekstra, who tweeted earlier this year: "Just landed in Baghdad. I believe it may be [the] first time I've had [BlackBerry] service in Iraq".

See also: 10 Facebook & Twitter privacy faux pas

Download FREE whitepapers:

Ten tips on security

Make sure your network is secure

PC security advice

Take part in PC Advisor's Broadband Survey 2009

  1. Think Tweeting is harmless? Think again
  2. Follow me, please

IDG UK Sites

OnePlus Two release date rumours: Something's happening on 22 July

IDG UK Sites

13in MacBook Air review, Apple's MacBook Air 2014 reviewed

IDG UK Sites

5 reasons to buy an electric car and 5 reasons not to

IDG UK Sites

Evernote Skitch: the best way for creatives to doodle feedback