With the growing popularity of social networking web sites such as Facebook and Twitter, it should come as no surprise that cybercriminals are seeking to take advantage of lax security applications and improper protection protocols more frequently. Twitter, especially, seems to be a favored target of malware authors and hackers, judging by some of the recent news reports circling the Internet.
Background on Twitter Attacks
In May, a French hacker calling himself "Hacker Croll", managed to easily gain access to an administrative assistant's e-mail account, and from there collect information that allowed him access to the employee’s Google Apps account. Apparently those working at Twitter utilize the corporate version of this application to share documents and other information within the company. From this, Hacker Croll was able to steal more than 300 private company documents and leaked them to the public.
In August, a pro-Georgian blogger going by the nickname "Cyxymu" was the target of a denial of service (DDoS) attack, that affected not only his account on Twitter - which caused site-wide outage for several hours, as well as numerous other problems, but also caused issues for Facebook and LiveJournal, sites he had also had accounts with. Whether or not Cyxymu's allegations - that Russia was responsible for the attack - are true remains to be seen, but the ease with which this assault was orchestrated has left many cautious.
In September, a Twitter worm is able to spread via direct messages. The hackers that developed the software to
generates Twitter accounts are able to bypass CAPTCHA technology. The fake Twitter accounts post messages related to popular topics to deceive computer users to eventually click on the link within the fabricated message. When the machine-generated message is clicked upon, it will redirect a computer user to a site that distributes fake antivirus applications.
Attacks from cybercriminals on social network accounts and infiltration leading to the gathering of personal and financial information are not the only troubles many users face. Malware authors have been busy, too.
The most prominent danger to social networking sites currently is the Koobface computer worm. This deadly little parasite targets the users of such web sites as Facebook, MySpace, hi5, Bebo, Friendster and Twitter. Koobface spreads by delivering particularly innocuous-looking messages to friends, accompanied by a link. Accessing this link will cause the Koobface worm to be downloaded onto the user’s computer. Koobface then ultimately attempts, upon successful infection, to gather sensitive information from the victims such as credit card numbers.
These attacks have opened many people up to the fact that we are no longer as safe as we once more on the Web. In July, Los Angeles Officials expressed concerns over a multimillion dollar proposal to move government e-mails and other records onto Google's hosted Web service Google Apps, with regards to the attack by Hacker Croll in the month previous, and this is only the beginning.
At this present moment in time, it is difficult to make ourselves completely impervious to hacking attempts, but there are ways we can help to protect our computers, Internet accounts and personal and financial information.
Top 6 Twitter Crucial Tips to Keep your PC Safe from Malware Attacks
Below are the top 6 crucial tips to avoid and/or minimize your risk of a malware, worm or virus infection via social networking websites like Twitter:
Twitter Crucial Safety Tip #1: Keep your user profile info brief and do not visit user profiles during a Twitter attack
Keep your profile information short and never give out your personal information. This includes, but not exclusive to, your full name, e-mail address, physical address, and phone numbers. Do not reveal it to friends and family via Twitter, if you can help it. Should someone gain access to your account, this information will be easily discovered. Be aware that others can and will read your profile and your tweets, while others may have the option of re-tweeting your messages, which means that even strangers can view your tweets. Remember, once something is posted online, it never goes away regardless on whether you deleted the posted message or tweet.
During the period of a Twitter attack, it's best to avoid visiting suspicious Twitter user profiles that are apparently infected with a worm or other type of online threat. The Web is a good source to find out the latest news on Twitter attacks and the accounts involved. One red flag signaling suspicious activity from a Twitter profile is when a Twitter user tweets the same message over and over again about a product or website. Do not click on any links provided in the messages or retweet any of the bogus messages.
Twitter Crucial Safety Tip #2: Follow safe password practices
Never (and I mean ever) give your Twitter password to anyone, this includes friends and family. Make certain that the password you are using is not easy to figure out. Try using a combination of numbers, letters and symbols to create a strong password. It is always a good practice to regularly change your password after there has been a reported attack against Twitter or other social networks. If you are a member of more than one social account, it is suggested that you utilize a different password for each account. If a hacker were to obtain your password to one of our accounts, they could use it to log into other social accounts that you may own.
Twitter Crucial Safety Tip #3: Be careful what you download or link on Twitter or other social networking sites
On Twitter, and indeed, many social networking web sites, there are literally hundreds of new applications being released for you to use on your profile. Be careful to research these, as many of them may ask for your username and password. Be sure what you are sending and to whom you are sending it to. It is best to ask others about specific applications or test them out before using them.
Clicking on shortened URL's such as those from Bit.ly or Tinyurl are risky practices. Shortened URL services put you at risk of being redirected to a malicious site that can infect your system with malware. Some shortened URL services such as Tinyurl and Bit.ly allow you to preview the link before it is clicked on. This is an excellent feature to take advantage of to prevent visiting an unwanted website. Just as with spam email messages, links within Twitter messages, shortened or not, can easily prompt the download of a malicious file or redirect you to a dangerous website.
Twitter Crucial Safety Tip #4: If you see something, say something
If you ever suspect something is not right, whether you are being harassed or you suspect that another user's system is infected with a parasite, then it is best to report it to Twitter. Because Twitter has been struck with a number of attacks lately, we should all do our part in reporting malicious activity. If you receive a message from a user that is clearly attempting to spread malware, then it is best to send a direct message to Twitter's "spam account" page.
Twitter Crucial Safety Tip #5: Follow general safe social networking practices
It is important to always follow general safety precautions when one is visiting social networking websites such as Twitter or Facebook. The main safety precautions to follow are:
- Do not trust anyone. Be suspicious of all users even if they claim to be a friend of yours.
- Always be mindful of fake sites and profiles on social networks.
- Never sacrifice your safety for the sake of popularity by following or adding users that you do not know.
It's highly recommended to only follow people you know in real life. Never respond to users who you don't know. Keep your Twitter feed private and only give people you know permission to view it. Once you post a Twitter message on someone else's Twitter page, it can be seen by thousands of other Twitter users that may be following your friend. Do not ever assume that your Twitter message is private. A large majority of online social network users are teens and they do not realize the consequences of posting private information. Users should always tell the proper authorities about any threatening or negative tweets or messages they receive.
Twitter Crucial Safety Tip #6: Keep your antivirus/antispyware software and other PC security tools up-to-date
Probably the most important and basic line of defense, is to make certain that your computer has the latest in security software. Be sure to upgrade your antivirus program and operating system often. There are many attractive links to click on while exploring Twitter, and there is no telling which of these may contain malware just waiting to infect your system.
Remember that Twitter is still new, and while its popularity may continue to climb, it can sometimes be difficult for developers to include proper safety procedures and security settings to keep up with the growing demand of the public. While there is no harm in trying Twitter out and following friends or some of your favorite bands online, just be clever about how you use it.
How to Save your Twitter Account and PC After a Worm or Malware Infection
To prevent the spread of malware via malicious Twitter messages it is necessary that you avoid retweeting (RT) them. If you have noticed suspicious activity from a profile such as tweets containing the word "Mikeyy", then you must take action to remove the threat.
To remove a common threat such as "Mikeyy" you must follow following process:
- Then Log into Twitter to delete all the messages in your profile that have the word "Mikeyy" or any other obviously corrupt Twitter profile.
- Download and install a security application such as SpyHunter that scans your system for malicious files that may have infected your system through the potentially dangerous message sent from the corrupt Twitter profile.
- In addition, you can utilize a Firefox plug-in such as "NoScript" that blocks XSS (cross-site scripting) exploits, which is a common method for worm infections to infiltrate computers through Twitter. There is no computer user that is immune from exploited messages on social networks such as Facebook and Twitter.
Any horror stories to share about your experiences on Twitter, or other social networking sites like Facebook and MySpace? Any advice or tips not mentioned here that you can provide for people to help keep them safe? Please, leave a response and give us some feedback.