Blog

Hacking and Phishing attacks have been a problem on Twitter for a while, and they show no signs of slowing down so I thought I would post some tips to help other Twitter users not become the next target on the hacker’s list.

There are two main methods by which a hacker can compromise your Twitter account:

1) Phishing

The main method to hack your account is to simply trick you into giving the hacker your account details, or trick you into allowing a rogue App access to your Twitter account.

Do not click on DM's like this one!

A usual way for a hacker to do this, is to send a Direct Message to you from an already hacked follower account. This message has taken the form of ‘This person is spreading nasty rumours about you’, or ‘Look what people are saying’, or more recently ‘how is this possible?’, or ‘what?’. The message will also contain a link, typically created through a URL shortening service such as tinyurl.com. If you click on this link then you will be taken to a fake Twitter website where you are asked to confirm your Twitter details and/or allow access to a Twitter App.

After doing this, the hacker can access your account and can re-send the DM on your behalf to the next wave of targets (all your followers…). Tweets will also be posted to your timeline, with links to spam or malware.

2) Password cracking

The less likely way for a hacker to gain access to Twitter accounts, is to simply keep trying variations of passwords until they find the correct one.  This might sound unlikely, why would someone bother hacking your account in preference to anyone else on Twitter. However, most hacking is performed using automated scripts, and so the image of a hacker sitting in front of a computer targeting you personally hasn’t been true for several years.

Their hacking script will build (and add to) a list of target accounts, and then keep trying passwords over a long period of time until the correct password is found. Obviously, if you have a common and/or simple password then within a few days, weeks (or even months) your account is vulnerable to this sort of attack.

Once the hacker has access to your account then they can  use automated scripts to send out spam direct messages to all your followers, or post spam tweets on your behalf.

How to prevent being hacked

  1. Change your password to something which is complicated and over 8 characters long. It should contain a mix of upper-case, lower-case, numbers, and special characters such as ‘@’, ‘!’, and ‘$’. Your password must not be the same as your username, or commonly used phrases such as ‘mickeymouse’ or ‘abc123′. It also should not be a name or common word/phrase as these are vulnerable to ‘dictionary’ attacks.
  2. If you receive a DM from someone you don’t normally have contact from, or if a DM seems out of context, or contains a link, then don’t click on the link. If the DM could be genuine, then send a reply to the sender and ask them to confirm that it is genuinely from them.
  3. If you see an ‘out of context’ tweet on someone’s timeline (similar to the below example), then don’t click on the link.

Dont click on tweets like this!

If you have been hacked

  1. Change your Twitter password immediately. Also change the password for the email address that your Twitter account is registered with, particularly if you used the same password for both.
  2. In Twitter, click on the Settings ‘gears’ icon, and select ‘Settings’. Click on ‘Apps’. Review the list of apps which you have allowed access to your account. Click ‘Revoke access’ for any which you do not recognise.
  3. Review your Twitter timeline, and delete any spam tweets.

Hope this helps, the main points to remember are “secure password” and “don’t click on unsolicited links“!

We’ve set up websites for vets before, and we can proudly add Kynoch Vets to our client list. Their vet website was launched today, and was set up by Fearntech using WordPress, a customised theme, bespoke elements, and integration with a third party supplier of veterinary articles. Please visit their vet website.

On the website where you are purchasing items (the seller’s website), click on their ‘Pay now’ button. You will now be taken to the Paypal® website and will see the following page:

Paying by PayPal account - step 1

You will see two options; Pay with my PayPal account, and Pay with a debit or credit card. This guide will describe how to pay using a PayPal account. If you wish to pay directly using a credit/debit card then follow our other guide – Paying using a credit/debit card – step by step guide. Note that if you do have a PayPal account and you try to pay by debit/credit card and/or use the email address associated with your PayPal account then you may have to use your PayPal account for payment.

Enter the email address and password associated with your PayPal account. Then click on the Pay with my PayPal account link. Read more

On the website where you are purchasing items (the seller’s website), click on their ‘Pay now’ button. You will now be taken to the Paypal® website and will see the following page:

Help guide Paypal - paying by card - step 1

You will see two options; Pay with my PayPal account, and Pay with a debit or credit card. This guide will describe how to pay using a credit/debit card, if you already have a PayPal account then follow our other guide – Paying using a Paypal account – step by step guide.

Click on the Pay with a debit or credit card link. Read more

New website launched today for a sports training services provider in Kent – Lyonheart Sports Training. Please pay them a visit. Their website is based on the popular WordPress platform, and uses a pre-built third party theme to allow a very cost effective website to be created within a short timescale.

If you have a WordPress website and want to change your theme, either with a third party supplied theme or a bespoke theme created by us then give me (Paul) a call on 0330 001 5381. We can create bepoke database-driven websites, maintain your existing website, and also provide SEO and Social Media management services.

Clinic website designNew ‘refreshed’ website launched today for No.6 Clinic in Tunbridge Wells. Samantha was looking to soften the existing design and give the text more room to breathe. We change font sizes and more importantly font spacing, removed all the ad-hoc styling to give a more consistent site-wide style, and softened the existing colour scheme with the addition of more rounded corners. The result should be more attractive to the Clinic’s typical customers. Please give them a visit at their Tunbridge Wells beauty clinic (No.6 Clinic).