Sarah Palin Victim of Social Media Identity Theft, LaRussa Drops Suit

/1 Comment/in , , , , , , , , , , , , , , , /by

Robert Siciliano Identity Theft Expert

Since the beginning of the presidential campaign, Sarah Palin has used Twitter and Facebook to communicate with the public. Impostors have taken every opportunity to jack her persona, even hacking into her personal email account.

Now, hackers and impostors are chiming in on Sarah Palin’s resignation. The Twitter profile for ExGovSarahPalin snags and reuses graphics, photos and tweets from Sarah Palin’s “Verified” Twitter acount, AKGovSarahPalin. This fake Palin account is still live as of this writing. In one tweet, a Palin impersonator invited followers to her home for a barbecue. Her security staff was reading these tweets and quickly dispatched security personnel to her home to intercept unwanted visitors.

Twitter has a “parody impersonation policy” that permits impersonation, as long as the parody is clear to readers. It’s puzzling to me that they would allow this, particularly in the case of the fake Sarah Palin account, which is plastered with Governor’s likeness.

Social media is not prepared for this type of use. And Twitter should rethink its policies.

Meanwhile, USA Today reports that St. Louis Cardinals manager Tony LaRussa, who has also fallen victim to social media identity theft and has sued Twitter, claiming damage resulting from “cybersquatting” and misappropriation of his name, has now dropped his lawsuit. One report mentions an out of court settlement that compensates LaRussa for his legal fees and includes a donation to his favorite charity. Twitter co-founder Biz Stone blogged a denial of such a settlement.

Financial identity theft is impossible to prevent 100% of the time, and so is social media identity theft. However, there are ways to lock down your name and protect yourself, or at least to mitigate the potential damage to your name and reputation.

As we spend more time online, meeting people, posting photos and offering glimpses into our personal lives, here are some action steps to keep Social Media Identity Theft at bay:

1. Register your full name and those of your spouse and kids on the most trafficked social media sites, blogs, domains or web based email accounts. If your name is already gone, include your middle initial, a period or a hyphen. It’s up to you to decide whether or not to plug in your picture and basic bio, but consider leaving out your age or birthday.
2. Set up a free Google Alerts for your name and get an email every time your name pops up online. Go to iSearch.com by Intelius and search your name and any variations of your name in what would be a screen name.
3. Set up a free StepRep account for your name. StepRep is an online reputation manager that does a better job than Google Alerts does of fetching your name on the web.
4. Consider dropping a few bucks on Knowem.com and other sites like them. These online portals go out and register your name at what they consider the top social media sites. Their top is a great start. The user experience is relatively painless. There is still labor involved in setting things up with some of them. And no matter what you do, you will still find it difficult to complete the registration with all the sites. Some of the social media sites just aren’t agreeable. This can save you lots of time, but is only one part of solving the social media identity theft problem.
5. Start doing things online to boost your online reputation. Blogging is best. You want Google to bring your given name to the top of search in its best light, so when anyone is searching for you they see good things. This is a combination of online reputation management and search engine optimization for your brand: YOU.
6. If you ever stumble upon someone using your likeness in the social media, be very persistent in contacting the site’s administrators. They too have reputations to manage and if they see someone using your photo or likeness they would be smart to delete the stolen profile.
7. Despite all the work you may do to protect yourself, you still need the Intelius Identity Protect service I’m working with and recommend coupled with Internet security software.

Robert Siciliano, identity theft speaker, discusses scams.

Social Media Identity Theft Hits MLB Coach On Twitter

/0 Comments/in , , , , , , , , , , , , , /by

Identity Theft Expert Robert Siciliano

The scourge of identity theft knows no boundaries. It can happen to anyone: rich, poor, good credit, bad credit. Victims include children, the elderly, celebrities and politicians, even the dead. Identity theft may include new account fraud, account takeover, criminal identity theft, business identity theft and medical identity theft. Most of these result in financial loss.

One form of identity theft that is particularly damaging to the victim’s reputation is social media identity theft. Social media identity thieves have various motivations. The most damaging type of social media identity theft occurs when someone poses as you in order to disrupt your life. This disruption can take on many forms. They may harass and stalk you or your contacts, or they may steal your online identity for financial gain.

In the case of St. Louis Cardinals manager Tony La Russa, someone created a Twitter account in his name. La Russa is suing Twitter, claiming the impostor Twitter page damaged his reputation and caused emotional distress. The lawsuit includes a screen shot of three tweets. One, posted on April 19, read, “Lost 2 out of 3, but we made it out of Chicago without one drunk driving incident or dead pitcher.” Apparently, La Russa has had a drunk driving arrest and two Cardinals pitchers have died since 2002. One pitcher died of a heart attack, the other in a drunk driving accident.

There is no limit to the damage someone can do by using your name and picture in order to impersonate you online. In Milwaukee, Wisconsin, an 18 year old student was accused of posing as a girl on Facebook, tricking at least 31 male classmates into sending him naked photos of themselves, and then blackmailing some of these young men for sex acts.

Social media websites were created with the intention of bringing people together in a positive way, but we are beginning to see these sites being used in very sinister ways. The root of the problem is the fact that social media sites are all based on the honor system, with the assumption that people are honestly setting up accounts in their own names. There are few checks and balances in the world of social media, which means that you need to adopt a strategy from yet another form of predator to protect yourself.

There are hundreds or even thousands of social media sites, including Facebook, MySpace, Twitter and YouTube. Even your local newspaper’s website has a place for user comments, and most people would prefer to register their own names before someone else has done so on their behalf.

I have obtained over 200 user names pertaining to my given name in order to mitigate social media identity theft. This may sound obsessive, but the two examples given above are all the proof anyone needs to clamp down on social media. I’m on everything from Affluence.org to Zooomr.com. Some I use, others just have my profile and a link back to my website. I should also mention that there are some hazards involved in such a mission. You may experience a spike in spam, as I did, so I suggest creating an alternate email address. Furthermore, some websites make you join various groups that you don’t have much control over. I’m now a member of some masochistic fetish group of the opposite sex. Not exactly what I signed up for. So be careful.

The goal is to obtain your real first and last name without periods, underscores, hyphens, abbreviations or extra numbers or letters.

These tips bear repeating:

  1. Register your full name and those of your spouse and kids on the most trafficked social media sites, blogs, domains or web based email accounts. If your name is already gone, include your middle initial, a period or a hyphen. It’s up to you to decide whether or not to plug in your picture and basic bio, but consider leaving out your age or birthday.
  2. Set up a free Google Alerts for your name and get an email every time your name pops up online.
  3. Set up a free StepRep account for your name. StepRep is an online reputation manager that does a better job than Google Alerts does of fetching your name on the web.
  4. Consider dropping $65 on Knowem.com. This is an online portal that goes out and registers your name at what they consider the top 120 social media sites. Their top 120 is debatable, but a great start. The user experience with Knowem is relatively painless. There is still labor involved in setting things up and with some of the 120. And no matter what you do, you will still find it difficult to complete the registration with all 120 sites. Some of the social media sites just aren’t agreeable. This can save you lots of time, but is only one part of solving the social media identity theft problem.
  5. Start doing things online to boost your online reputation. Blogging is best. You want Google to bring your given name to the top of search in its best light, so when anyone is searching for you they see good things. This is a combination of online reputation management and search engine optimization for your brand: YOU.
  6. If you ever stumble upon someone using your likeness in the social media, be very persistent in contacting the site’s administrators. They too have reputations to manage and if they see someone using your photo or likeness they would be smart to delete the stolen profile.
  7. Or do nothing and don’t worry about it. But when some other John Doe does something stupid or uses your name in a disparaging way or for identity theft, and people assume that it’s you, remember that I told you so.
  8. Despite all the work you may do to protect yourself, you still need identity theft protection and Internet security software.

Robert Siciliano, identity theft speaker, discusses social media privacy.

How to prevent social media identity theft

/8 Comments/in , , , , , , , , /by

Robert Siciliano Identity Theft Expert

Two words: you can’t. However, there are several things you can and should do in order to manage your social media identity, which may prevent social media identity theft. What exactly is social media identity theft? It’s a form of cybersquatting using social media sites.

If you’ve ever attempted to join a social media, more commonly known as a social networking site, or applied for an email account, and found that your first and last name were already taken, that may or may not have been social media identity theft, or cybersquatting.

There may be someone out there who shares your exact name and happened to register first, or else there is someone out there who took your name so that you can’t have it, or who wants to sell it back to you, or wants to pose as you and disrupt your life. These are all possibilities.

The most damaging possibility occurs when someone wants to pose as you in order to disrupt your life. This disruption can take on many forms. They may pose as you in order to harass and stalk you, or to harass and stalk people you know. Or they may steal your social media identity for financial gain. Throughout my years working in the field of financial crimes and identity theft, I’ve seen plenty of social media identity theft that led to financial loss. The thieves use a combination of email and social media to extract funds from others, or to open new accounts.

There are hundreds, or maybe even thousands, of social media sites (FacebookMySpaceTwitterYouTube), web-based email providers (hotmail.com, gmail.com, yahoo.com) and domain extensions (.com, .net, .biz). Then there are all the blog portals, such as WordPress and Blogspot. Even your local online newspaper has a place for user comments, and most people would want to register their own names before someone else comments on their behalf.

Social media websites offer the option to provide your real name as well as a user name. The user name may be a fun chat handle or an abbreviation of your real name. The key is to give your real name where requested and also to use your real name as your user name. Even if you don’t plan on spending any time on the site, or to use the domain or email, you want to establish control over it.

The goal is to obtain your real first and last name without periods, underscores, hyphens, abbreviations or extra numbers or letters. Your ideal name, for example would be twitter.com/RobertSicilianoRobertSiciliano.com, orRobertSiciliano@anymail.com. This strategy won’t prevent someone else from registering with your name and adding a dot or a dash, but it trims down the options for a thief.

Some names are very common, or are also owned by someone famous. If that applies to your name, you can still take actions to manage your online reputation. If there is any uniqueness to your name or the spelling of your name, it’s still a good idea to claim your name in social media and work toward managing your online reputation.

Understand that your name is your brand. Your name is front and center on every document you sign and every website that shows up when your name is searched. The phrase, “All I have is my good name,” has never rung truer than today. If you are a writer, blogger, personality of any sort, or anyone who “puts it out there,” you probably already know enough to do these things. But there is more to do.

If someone, perhaps a potential employer or mate or client, searches your name on Google Web, Google Blogs or Google News, what will they find? Will it be someone else posing as you? Will it be a picture of you doing a keg stand? Or will it be you in your nicest outfit, accepting an award for an accomplishment? Either way, you need to manage your online identity and work toward preventing social media identity theft.

This isn’t an easy task. Nor is it fun. It can be time consuming and almost overwhelming. But I believe that the long term rewards are worth it.

  1. Register your full name and those of your spouse and kids on the most trafficked social media sites, blogs, domains or web based email accounts. If your name is already gone, include your middle initial, a period or a hyphen. It’s up to you to decide whether or not to plug in your picture and basic bio, but consider leaving out your age or birthday.
  2. Set up a free Google Alerts for your name and get an email every time your name pops up online.
  3. Set up a free StepRep account for your name. StepRep is an online reputation manager that does a better job than Google Alerts does of fetching your name on the web.
  4. Consider dropping $65 on Knowem.com. This is an online portal that goes out and registers your name at what they consider the top 120 social media sites. Their top 120 is debatable, but a great start. The user experience with Knowem is relatively painless. There is still labor involved in setting things up and with some of the 120. And no matter what you do, you will still find it difficult to complete the registration with all 120 sites. Some of the social media sites just aren’t agreeable. This can save you lots of time, but is only one part of solving the social media identity theft problem.
  5. Start doing things online to boost your online reputation. Blogging is best. You want Google to bring your given name to the top of search in its best light, so when anyone is searching for you they see good things. This is a combination of online reputation management and search engine optimization for your brand: YOU.
  6. If you ever stumble upon someone using your likeness in the social media, be very persistent in contacting the site’s administrators. They too have reputations to manage and if they see someone using your photo or likeness they would be smart to delete the stolen profile.
  7. Or do nothing and don’t worry about it. But when some other John Doe does something stupid or uses your name in a disparaging way or for identity theft, and people assume that it’s you, remember that I told you so.
  8. Despite all the work you may do to protect yourself, you still need identity theft protection and Internet security software.

Robert Siciliano, identity theft speaker, discusses social media privacy.

Privacy Is Dead, Identity Theft Prospers

/1 Comment/in , , , , , , , , , , , , , , /by

My information is in lots and lots of different places. I sacrifice a lot of privacy because of the nature of my business. If I wasnt so dependant on eyeballs I’d live much differently. However to participate in society on any level, privacy becomes a dead issue. Accept it. Or live in the jungle in Africa.

A CEO of a major software company declares, “You have zero privacy, get over it.” In response, the FTC states, “Millions of American consumers tell us that privacy is a grave concern to them when they are thinking about shopping online.”

Do you agree? Is privacy dead? Do you share your “status” on Facebook? Twitter? Do you have a MySpace page? A blog? Do you post your family photos on any of the above, or on Flicker?

The statement, “You have zero privacy, get over it,” was made by Scott McNealy, former chief executive officer of Sun Microsystems, in 1999. That was 10 years ago. Before the phrase “social networking” or the word “blog” entered our lexicon.

Here we are in 2009, when that statement is 100 times more true than it was 10 years ago. When you ask people if they are concerned about online privacy, they respond with a big, loud, angry “YES!” Then they hypocritically use their Facebook pages to inform the world that they are about to go on vacation. Which means that the lights are off and nobody’s home.

It isn’t just web users voluntarily giving up their privacy, it’s also corporations and government agencies gathering data as a form of intelligence. This data might be used to sell you something or it could be used to protect us in the form of Homeland Security.

Our personal information can be bought and sold. “Information brokers” sell our data to anyone with a credit card. One of the largest publicly traded information brokers in the world is a company called ChoicePoint. Last time I checked, they had 19 billion records on file. And one of their biggest customers is the US government.

So even if you don’t update your Facebook status to tell the world you just made a tuna sandwich, chances are, your phone number, your most recent address, or even your anonymous chat handle can be found on Zabasearch.com or iSearch.com. If you’ve ever committed a felony, your data may be on CriminalSearches.com Heck, just Google yourself.

At least head to Facebook and lock down your privacy settings. You get to them from the Settings –> Privacy Settings menu.

If you are reading this, you are participating in society. The price you pay is sacraficing your personal identifying information in order to get an Internet connection, credit, a car, medical attention, to go to school or buy a pair of shoes. While many citizens scream against Big Brother and corporate America abusing their trust, many will also give up all their privacy for ten% off a new pair of shoes.

All this makes it very easy for criminal hackers to commit identity theft. They use this available data to become you. Since your data is already out there, you’d better invest in identity theft protection and make sure your PC is up to date with Internet security software.

For more information, I recommend You Have Zero Privacy – Enjoy It! by Mike Spinny, and Cyberwar’s First Casualty: Your Privacy by Preston Gralla and Why give up Privacy? by Bob Sullivan

Robert Siciliano, identity theft expert, discusses background checks.

Identity Theft Speaker; Confickers Threat Hasn’t Waned www.IDTheftSecurity.com

/4 Comments/in , , , , , , , , , , , , , /by

Robert Siciliano Identity Theft Expert

We are not out of the woods with this one.

Conficker’s rise and fall and the passing activity of the worm on April 1st has allowed researchers and anti-virus companies to better understand the virus and its impact. While April Fools was supposed to be the day of reckoning for Conficker, it wasn’t and still isn’t a joke.

Viruses often come with a trigger date, as pointed out by CNET. And while many fail to meet the media hype, they still can and often do cause millions or billions in damage.

The media does what it does and reports on the news. While they or even I may not always get the facts straight, the impetus is still there.

In a “Conficker Postmortem,” CNET examines the media frenzy and points to a humorous spoof that Wired ran, a fake live blog from the “Conficker Worm War Room.” CNET also points out that, “The New York Times called it an ‘unthinkable disaster’ in the making. CBS’s 60Minutes said the worm could ‘disrupt the entire internet,’ and The Guardian warned that it might be a ‘deadly threat’.”

The positive result of this media hype is that it brings attention to an ongoing problem for an audience that never considered themselves vulnerable to these issues. In my world, even Facebook friends and Twitter followers who had never reacted to previous posts on a plethoraof IT and personal security issues are finally starting to ask the right questions.

“Your mom’s virus,” as we knew it, has become a part of popular culture. In a sense, this is a good thing, because it’s now water cooler talk with the same level of buzz as Britney Spears going nutty. We in the security community couldn’t ask for more and better attention, that may potentially enlist an army of security moms. Thank you, Conficker!

Still, Conficker is the most sophisticated virus to date and is still waiting to strike, which can very well lead to major data breaches and identity theft. As the virus continues to call home for the yet to be delivered update, researchers have determined an estimated 3.5 to 4 million PCs are infected on the Conficker botnet, which is the most powerful and dangerous aspect of Conficker.

Overall totals of infected computers may still be between 10 and 15 million. Many of those have a dormant virus that has the capability to wreak havoc, or that may have already been rendered impotent by anti-virus providers and IT administrators who have taken advantage of numerous solutions by McAfee and others.

What the public needs to understand is this infection is anything but over. The virus phones home every day looking for its next set of updates, which could still have catastrophic results if the virus ever reaches its full potential.

The risk here is that a virus of this kind has technology that can disable anti-virus software and that prevents access to numerous websites which provide automatic security updates, including Windows.

Today, Brian Krebs from the Washington Post points out the similarity’s to Y2K potential bug, just as I did last week. “In one sense, the response to Conficker could be compared to that of Y2K: A great deal of smart people threw a whole lot of resources and energy at a fairly complex problem and managed to turn a potentially very ugly situation into a relative non-event.”

The attention that Conficker brought upon itself has rallied security professionals to be on their highest guard, which is exactly where they should be.

See Robert Siciliano, identity theft speaker, discussing hacking for dollars.

I’m excited to work with uni-ball in 2009 in a partnership to help raise awareness about the growing threat of identity theft and provide tips for protecting yourself. Check out Uniball.com for more information.

Identity Theft Expert; Conficker Virus Countdown

/1 Comment/in , , , , , , , , , , /by

Robert Siciliano Identity Theft Speaker

News of Conficker out of control then under control is everywhere.

60 minutes reports on everything we have discussed in these posts. Main stream media has recognized the Internet has a cancerous virus and is infected. Criminal hackers are creating viruses infecting webpages in record numbers all in the name of money.

Security professionals are losing sleep as they race against the bad guys in anticipation of the next big breach.

Conficker is big news as its infecting mainly corporate networks at an astonishing estimated 10-12 million PCs and this sleeper cell is set to get its next set of updates April 1st.

Like Al Queda operatives living amongst us, cyber terrorists waiting for their next communiqué from a remote cave, Conficker waits to strike.

Nobody knows what’s going to happen April Fools, but security professional have a plan. Do you?

By all accounts Conficker has the potential capacity to steal data or launch a massive denial of service attack which encompasses massive amounts of data, flooding the Net, bogging down mainframe servers that distribute data to our inboxes.

60 Minutes used the example of what I did on CNN describing a Facebook hack and used a Morley Safer Facebook account that may be hacked with Conficker and begins to send messages to Morleys friends. Then Leslie Stahl who is a Morely “friend” receives an email looking like it’s from Morelys Facebook account to click a video. That video has a destructive payload that infects Leslies machine and the virus replicates itself to Leslies contacts.

Now Morelys PC has a virus that records all his keystrokes and Leslie is just as vulnerable. Bank accounts are cracked, credit card log-ins are stolen, the contents of their My Documents folders are copied and sent to Turkey and identities are stolen. People who don’t have any identity theft protection face years of dealing with creditors who accuse them of being bad debtors.

Malware is showing up on thousands of websites compromised in numerous ways and infecting computer users whose defenses are down.

Most attacks can be prevented with updated anti virus like McAfee or others. But with an estimated 15,000 new infections daily it’s difficult for the every day user to protect themselves unless they are automatically downloading virus definitions. And that may not be enough.

Criminal hackers come in all shapes and colors from every corner of the world. Russian hackers are often depicted as the best of the worst. These cyber criminals are often put on a pedestal in their communities as they brag about their accomplishments, hacking wealthy hacker Americans and stealing 10s of thousands of dollars monthly and spending that money in their remote villages.

Russian authorities generally don’t prosecute and may even employ criminals to steal from greedy Americans. As long as hate and money are motivators, foreign governments will groom and incite talented 14 year olds into a life of crime.

This story is far from over.

Robert Siciliano Identity Theft Speaker discusses online banking security here

I’m excited to work with uni-ball in 2009 in a partnership to help raise awareness about the growing threat of identity theft and provide tips for protecting yourself. Check out uniball-na.com for more information

Identity Theft Expert; Cybersquatting Leads to Fraud

/1 Comment/in , , , , , , /by

Robert Siciliano Identity Theft Expert

Ever click on a link from an email or while surfing and something just wasn’t right? The domain name in the address bar looked like a letter or two off? A misspell? Maybe it had a number tossed in there for good measure? This is either cybersqautting or typosquatting and its a problem.

Cybersquating is the act of procuring someone elses trademarked brand name online as a dot com or any other US based extension.

Cyber squatters squat for many reasons including impostering for fun, hoping to resell the domain, using the domain to advertise competitors wares, stalking, harassment or outright fraud.

Grabbing someone’s given name is also a form of cybersquatting and is happening in social networks and on Twitter. Twitter is affected by Twittersquatting where peoples names and an estimated top 100 brands have been hijacked.

There are also bunches of Kevin Mitnicks ( hacker) on Facebook that even prevented the Gent from accessing his own Facebook account. Facebook fixed the problem after Mitnick rightfully bitched then CNET made a call. Then Facebook listened. Facebook said “We are very aggressive in fostering and enforcing our real name culture and sometimes we make mistakes. But it’s rare, and it’s been fixed.”

Cybersquatting is also done maliciously for fraud. The Identity Thieves will jack a domain similar to that of a bank and create a spoofed site for phishing. Often if the domain isnt available, then the next best thing is Typosquatting. Annualcreditreport.com was a victim of that. More than 200 domains were snapped up right after the site launched.

This is just one more reason to protect yourself from identity theft.

Back in the day, I was accused of cybersquatting! Here. I wasn’t I swear! Back in the early 90’s with my IBM PS1 Consultant 3.1 Microsoft operating system and a rockin 150mb hard drive, I bought me up some domains as well. Some that I sold, others I regrettably gave up and one that will haunt me till the day I die.

I owned LEDZEPPELIN.com for about 5-6 years. Led Zeppelin then and now is my band, and as a fan I bought the domain as a keepsake. I would get emails from people globally like “I am Paulo from Brazil, I love the Led Zep!”

Then when Clinton passed a law later making cybersquatting illegal, I knew it was a matter of time. I had it for 5 years before anyone from the bands team of lawyers approached me on it. And when they did I didn’t know how to handle it. And my lawyer at the time even less so. Ultimately I gave it up without a fight on my part, but I’m sure the bands lawyers billed them for the 1 inch thick book of a lawsuit I was served with. Sorry dudes. My bad.

In this case the lawyers saw an opportunity to build a case against me, a fan that would have been happy with a stupid guitar pick from Jimmy. Instead I sat in silence for a year while they built a huge case as to why they should own the domain. When served, I freaked and called them yelling to take it, I never wanted that.

One of few regrets. But I have a nice 1 inch thick book about me and the band and why I’m an idiot.

Anyways back to cybersquatting. A recent report from the NY Times sourced MarkMonitor, a domain name seller and company that protects brands names from misuse, tracked an 18 percent rise in incidence of cybersquatting.

Which means as a brand or individual (or band, eesh) get your name on social network sites or domain name NOW. Then get your kids names as well.

Because they may be Zeppelin famous and have to fight a twit like me.

Robert Siciliano Identity Theft Speaker discussing DNS issues Here

I’m excited to work with uni-ball in 2009 in a partnership to help raise awareness about the growing threat of identity theft and provide tips for protecting yourself. Check out uniball-na.com for more information

Twitter Is a Security Mess

/0 Comments/in , , , , , , , , , /by

Robert Siciliano Identity Theft Speaker Expert

Mischievous Hack attacks on Twitter are increasing and it seems there is no end in sight. While twitters developers are working to make it more secure, the open nature of the application fuels mischievous and even criminal hacking.

Twitter is microblogging. In 140 characters or less you tell your followers what you are doing or point them towards something that may enhance their lives. Most Tweeple are twits and say nothing of value. Their tweets are mundane and serve no benefit to anyone.

If you don’t use Twitter thats OK. But there is a chance you eventually will. Many thought they’d never use Facebook, but millions do. Micro blogging is a weird phenom that makes sense to many, and not at all to most.

Users can get tweets via email, on your phone or via SMS texts. People have sent tweets while giving birth, in the crowd watching the Obama inauguration, celebrating New Years, and just about anything you can think of.

I’m on Twitter. I spend my energies informing my readers about security. The most effective tweets have a pithy title related to an article, blog post or TV appearance. All security related.

Since Twitters inceptions hundreds of 3rd party applications have been built around Twitter. Apps that enhance, manage or are just for fun. Much of twitters technology is an open book which has allowed hackers both good and bad to build these apps, and of course wreak havoc.

One such hack is using a Twitter accounts mobile phone number to spoof messages to the users followers.

Other Twitter hacks have included full account take over where messages were sent to all followers of Obama, Britney Speakers, Fox and a CNN anchor.

Recent studys also show that Twittersquating, when brand names are hijacked is also a problem on Twitter

So if you decide to Twitter, know that its not very secure and be cautious about plugging your mobile number into the system.

Robert Siciliano Identity theft Speaker Expert discussing Scams Cons and Schemes Here