I came across this post by The Squashed Tomato today, it makes for interesting reading… Since joining twitter I’ve received my fair share of spam comments, some even from people that I know whose accounts have been hacked, and it’s becoming a proper mission to manage these spam messages. I’ve included the key points from the article, it’s common sense, but if you’re a twitter newbie it’s important to make sure you’re aware, find the full version here.
Interestingly though, an American blogger with over 50000 followers was recently discussing on her blog about how she manages twitter, and avoids spam in the process, read the article here. It’s a radical departure from how we approach twitter, and obviously it won’t work for a lot of people. I’m no where near 50000 followers there’s no need for a radical reworking of my strategy, but what I am going to do in light of her article is: 1) use twitter lists more actively, and 2) remember that “a Twitter follow is not a validation of your worth as a human, nor is it a stamp of approval from someone online that you’re awesome or not.”
The current spam wave appears in the form of Direct Messages (DMs). These messages come from accounts you know and follow, which makes them seem “legitimate”. There are, however, commonalities that allow you to recognise the spam:
1. The messages are almost always written in lower case (no capitals)
2. The grammar is usually poor
3. There is always a link
4. The messages ALWAYS intimate that you’ve been portrayed in a bad light, or similar, either on a blog, a website or in a video
The first rule is DO NOT CLICK ON THE LINKS! Clicking on the links allows the spam account to access yours, which then allows it to send out the same or similar spam messages to your followers, from your account. Most bots achieve this by way of taking you to what appears to be the Twitter login screen. Believing you’ve been logged out, you re-enter your login details and the spam bot accesses them.
It is a common misconception that this is “being hacked” – this is not the case. No one has taken over your account, or “hacked” into it: you’ve simply given a spam bot access to use your account by clicking on the links.
If you have clicked the link, and become a victim, immediately change your password. The more secure the better, so I encourage the use of numbers and letters. Make sure to set your browsing option (in your Twitter settings) to secure.
If you receive a spam DM, simply delete it to remove it from your inbox. If you feel it’s necessary, send the person a tweet to let them know their account has been compromised and to change their password. Keep in mind that they’ll probably be receiving the same tweet from most of their followers as well, to inform them.