In the last few weeks, Twitter hacking has run rampant and social spam is spreading faster than ever. While there’s no way to truly ever guarantee you’ll never be affected, most of it can be avoided with some simple insight and a healthy dose of precaution.
Spoiler alert: Stop clicking on links.
What follows is by no means a definitive list, but these tips should help you avoid falling victim to an obvious spam attack and prevent you from subjecting your friends and followers to the same. I’m not revealing any great mysteries here, especially if you’re a veteran Twitter user, however, I’m constantly surprised by whose accounts are spreading spam. It usually means they fell for one of the tricks below.
DM Spam: The most pervasive technique out there right now is a Twitter DM (Direct Message) that comes from one of the people you follow, and contains a link to a purported picture of you, or something that you won’t believe somebody said about you. This attack preys on your insecurities that someone out there is talking trash, or having a laugh at your expense. And it can be especially effective because it comes from someone you follow on Twitter, and presumably have some sort of relationship with, virtual or otherwise.
DM spam can be tricky, since comes from someone you know well, and therefore the message may seem authentic. But all it means is that they were likely fooled by the same scam, clicked the link, then ended up passing along the attack.
The lesson? Don’t click on links. You’ll likely just end up passing that DM along to everyone who follows you.
- If you get such a DM, delete the conversation, and if you want to be helpful, send an @reply to the offending party and let them know their account is sending spam; they may be unaware it’s happening in real time. Tell them to delete the conversations, and change their password ASAP.
@Reply Spam: The other common method is just a regular @reply to your account from a spam bot. Twitter spam bots (automated accounts) are relatively easy to pick out, although they’re getting more clever and convincing of late. But as a general rule, their avatars are usually blurry photos of attractive women, or the classic blank egg logo.
Before clicking on any link, go to that users profile page, and look at their timeline. What else are they posting? While spammers continue to try to make their bots look and feel more human. Some spam bots will copy tweets from humans. Others will report on social media news as if they’re a social media guru, then sprinkle in spam links every so often.
A few clues that they’re spammers:
- They repeatedly post the same links and content over and over again.
- Their posts are non-sequiturs.
- They post non-conversational @replies.
- They have zero or very few followers, but a ton of tweets.
- They’re still using the default egg avatar.
- They post about making money from home, or other classic spam topics.
So, to recap: don’t click on links. Any other tips I’m forgetting?