How to protect yourself as Twitter scam cons rise alongside the popularity of microblogging: Internet Scambusters #354
2009 has turned out to be “The Year of the Twitter Scam.”
The growing popularity of microblogging sites like Twitter has sparked a corresponding rise in social networking scams.
In this issue, we highlight the five most common types of Twitter scams and give you tips on how to minimize the chances of falling for them.
Let’s check out today’s main topic…
Twitter Scam Incidents Growing: The 5 Most Common Types of Twitter Scams — and 10 Ways to Avoid Them
Security experts are increasingly alarmed by the number of Twitter scam incidents showing up on the fast-growing “microblogging” site of the same name.
Many Scambusters readers and subscribers will already know about Twitter. And maybe you’re even a “tweeter” yourself. So bear with us while we explain for those who don’t know about it.
Simply put, Twitter is an Internet service where you register to get your own page where you post comments and messages up to 140 characters long.
Other members can opt to “follow” you, so they can see your “tweets” and those of others they follow, on a composite page.
And, of course, you can also choose to follow people whose microblogs interest you. These may be friends, relatives or just folk who share a common interest. Again, you get all their tweets on a single, scrolling page.
Don’t worry if you don’t ‘get’ Twitter. Many people don’t until they try it, or until they have a friend show it to them. Beware though, because Twitter can become very addicting for some. 🙂
It’s good fun for millions — and a commercial opportunity akin to email for people who want to market their products and services, including, of course, Twitter spammers.
Since some people eventually accumulate many thousands of followers, they have a ready audience for whatever they’re trying to sell — whether it’s an opinion or a birdhouse. (Some celebrities and politicians have over a million followers.)
Hardly surprising then that the mushrooming growth of this social networking site has given birth to a number of Twitter scams.
Here are the main types of Twitter scam:
1. “Easy-money, work-from-home” schemes
With this Twitter scam, firms claim they can show you how you can make money by promoting other people’s products to them.
They charge a modest sign-up fee, typically a couple of dollars, but when you pay (with your credit card) you’re also signing up for a recurring monthly membership fee of around $40 for ongoing tips.
Now, there are many legitimate membership sites that charge recurring monthly fees. However, what makes these Twitter scams is that the membership explanation is either completely hidden or non-existent — and it’s almost impossible to cancel and get your money back.
Needless to say, the only people making money from this scheme is the Twitter scam artist.
For more on phony work-from-home schemes, check out these articles:
2. Promises of thousands of instant followers
Whether you want lots of followers out of personal vanity or to plug misguidedly into the Twitter scam outlined above, you might be tempted to sign up for a service that offers to deliver thousands of followers literally overnight.
They claim to be able to do this by identifying other Twitter users who automatically follow anyone who follows them.
Some even claim they have built up databases of people according to their interests, so you can be sure you are targeting the right people with your “tweets.”
Well, they may or may not be able to do all of these things but they’re really no different from people who sell email addresses to spammers.
They charge for the service, of course, and if you buy, you could end up being accused of trying to send Twitter spam and be banned from Twitter.
3. The Twitter phishing scam
Well, what did you expect? Anyplace where there’s a chance of netting someone’s personal details is a haven for phishing — the technique of fooling people into disclosing things like passwords, Social Security numbers and other confidential information.
Twitter phishing scammers have a number of different tricks for doing this but they mostly boil down to the same fatal step — getting you to click a link that takes you to what appears to be a Twitter sign-on page where you give them your password.
Once they have that, they can pretend they’re you and use your account for evil purposes — like spreading more Twitter spam or infecting other people’s computers.
One sneaky Twitter scammer invited followers to make up a username using their answers to three common sign-on secret questions, “just for fun.”
For example, your first pet’s name, your mother’s maiden name and your first car, might yield: TrixieDoeTBird.
Scores of people responded, giving this Twitter scammer a possible route to hacking into their various online accounts by answering their secret question to get a new password!
Read more about phishing in this Scambusters article: Phishing Scams: How You Can Protect Yourself.
4. Spreading viruses and spyware
This Twitter scam is in full swing, using tempting messages like “Just saw this photo of you” followed by a link that, when you click it, takes you to a site that uploads malware onto your computer.
Sometimes, by exploiting the phishing technique outlined above, the message may seem to come from one of your regular followers, perhaps even a friend or relative. In reality, their Twitter account has been hijacked.
There are some clever variations of this Twitter scam. For instance, one site offered a program that, when installed, supposedly would tell you who had been checking out your Twitter profile.
It did nothing of the sort. Instead, it installed spyware.
5. Other money-making Twitter scams
Twitter scammers have developed lots more cunning ideas that try to fool you into parting with your hard-earned cash, some of them variations of scams we’ve seen many times before in other guises.
For instance, you may get a message from someone you know claiming to be in trouble and asking you to wire cash. In fact, their Twitter account has been hijacked by a scammer.
Or, you may have been tweeting about a product you want to buy, when you get a “direct-message” tweet from someone who claims to work for the manufacturer or retailer and offers to sell you one at a bargain price. Of course, they want your credit card number.
Then there’s the tweet that tells you you’ve won a cell phone. You just have to send them your existing number so it can be transferred to the new device. In fact, you’re signing up for a monthly astrology service charged to your phone account.
By the time you read this, some other Twitter scam merchant will probably have come up with another ruse to try to relieve you of information or money.
So here are 10 quick tips to help you avoid Twitter scams:
- Be very careful signing up for work-from-home services connected with Twitter, and make sure you know exactly what you’re signing up for.
- Don’t sign up for services that claim they’ll get you more followers.
- Before entering your Twitter password on any sign-on page, check that the address bar shows http://twitter.com/. Beware of anything that uses another word on either side of “twitter.”
- Change your password frequently, and immediately if you think your account may have been compromised.
- Be wary about clicking on links, even ones that appear to come from people you know. Get to know those you are newly following before trusting any of their links.
- Make sure your Internet security software is up to date so that if you do click on a bad link it will alert you if it takes you to a malware site.
- Don’t automatically follow people who follow you. Visit their profile page and beware of anyone whose tweets consist mainly of links, or who appears to be following lots of people but has hardly posted any messages.
- Never give away confidential information about yourself in a tweet, even if it all seems perfectly innocent.
- Carefully check out programs that sign on to Twitter for you and fetch your messages. They can increase your security but they also need your password — so make sure they’re legit by doing a search first. Popular legit services includes TweetDeck and Twhirl.
- Simply don’t believe any message that says you won something. You didn’t.
Latest estimates suggest Twitter has at least 40 million subscribers and it’s one of the fastest growing social networking sites on the Internet — and a correspondingly big source of social networking scams.
If you’re one of those 40 million, or thinking of becoming one, have fun — but stay vigilant and watch out for that Twitter scam.
That’s all for today — we’ll see you next week.