Posts

Twitters ups its Security Game

Twitter recently announced its new tool to help with management and monitoring of its users’ accounts: the Twitter data dashboard.

7WAn article on lifehacker.com details what this new tool will offer. For instance, you will not need to use your real name on Twitter—and I have to admit, this is an odd way to promote the tool, because I’m sure that scads of Twitter users haven’t been using their real name for years. It’s not as though Twitter can tell that “Emily White” is really Sashea Fiopwieei.

Anyways, users will be happy that their privacy settings will let them control whether or not their tweets are kept public. You will be able to enable login verification to increase your account’s security.

The Twitter data dashboard can be accessed from the settings menu that users can find on twitter.com. It shows the user’s account activation details and recent login history. It also reveals any devices that have accessed the account.

This setup allows the user to review account activity in an expedient way and make sure that everything looks right.

Now suppose you notice login activity from an unfamiliar app. You can go to your settings and look for the apps tab and revoke the application’s access to your account.

The lifehacker.com article also points out that if you notice logins from unfamiliar locations, you can immediately change your password.

You also have the option for setting up login verification to add an extra layer of security to your account. Twitter’s new dashboard will let you manage your Twitter archive and control your address book contacts, among other items that you will have more jurisdiction over.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Twitter Crime on the Rise

Twitter is now beginning to see a substantial rise in active users. A recent report found that the percentage of Twitter users who have tweeted ten or more times, have more than ten followers, and follow more than ten people rose from 21% to 29% in the first half of 2010.

Spammers, scammers, and thieves are paying attention.

In the physical world, when communities become larger and more densely populated, crime rises. This also applies to online communities, like Twitter and Facebook.

Twitter’s “direct messages” and “mention” functions are laden with spam, often prompting users to click various links. Why anyone would want me to “Take a Good Look at Hypnotherapy” is beyond me, but someone must be buying because the spam keeps coming.

Common Twitter scams include:

Hijacked Accounts: Numerous Twitter (and Facebook) accounts, including those of President Obama, Britney Spears, Fox News and others have been taken over and used to ridicule, harass, or commit fraud.

Social Media Identity Theft: Hundreds of imposter accounts are set up every day. Sarah Palin, St. Louis Cardinals Coach Tony LaRussa, Kanye West, The Huffington Post, and many others have been impersonated by fake Twitter accounts opened in their names.

Worms: Twitter is sometimes plagued by worms, which spread messages encouraging users to click malicious links. When one user clicks, his account is infected and used to further spread the message. Soon his followers and then their followers are all infected.

DOS Attack: A denial-of-service attack left Twitter dark for more than three hours. The attack seems to have been coordinated by Russian hackers targeting a blogger in the Eastern European country of Georgia.

Botnet Controller: One Twitter account produced links pointed to commands to download code that would make users’ computers part of a botnet.

Phishing: Hacked Twitter accounts are used to send phishing messages, which instruct users to click links that point to spoofed sites, where users will be prompted to enter login credentials, putting themselves at risk of identity theft.

Twitter Porn: Please, “Misty Buttons,” stop sending me invites to chat or to check out your pictures.

Twitter Spam: The use of shortened URLs has made Twitter’s 140 character limit the perfect launch pad for spam, shilling diet pills, Viagra and whatever else you don’t need.

To prevent social media identity theft, take ownership of your name or personal brand on Twitter. Protecting yourself from other scams requires some savvy and an unwillingness to click mysterious links. In other cases, you’ll need to keep your web browser and operating system updated in order to remain safe. Make sure to keep your antivirus software updated with the latest definitions, as well.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto, discusses hacking wireless networks on Fox Boston. (Disclosures)