Twitter Again Resets Thousands Of Hijacked Accounts

Dave Larson -

If you’ve ever logged into Twitter, but didn’t check the URL to see if it really said Twitter.com in it, you may have logged into a fake site which stole your password. Which can make you very confused and angry!

Urgent UPDATE FROM TWITTER Buffer this

If Twitter has detected that you have sent links to a fake Twitter site that steals passwords, they assume you have been hijacked. So many people have recently had their passwords stolen that Twitter is AGAIN resetting passwords on many accounts. Read on to learn more:

What Can I Do If Twitter Doesn’t Reset My Password? Buffer this

If you see tweets or DMs going out that you didn’t create, or if someone tells you that you make be sending hijacked messages, change your password and revoke any apps that you don’t need or don’t recognize (you’ll need to be logged into Twitter.com to see this page).

How Does This Happen? Buffer this

Once your account has its password stolen, it is commonly used to send messages to your followers with links to fake sites.

Messages sent from hijacked accounts include dozens of variations, such as

  • “Someone is saying really nasty stuff about you here”
  • “Automated DM, You are tweeting too much”
  • “Read this, it says really bad stuff about you”
  • “Saw a real bad blog about you”
  • “Lol! Is this you in this pic?”

If you’ve ever clicked on a link from one of these messages, you will have found yourself at a fake Twitter login page. If you didn’t wonder “why am I being asked to login?” or look carefully at the URL, and went ahead and logged in, your password was stolen

How Can We Prevent This In The Future? Buffer this

Twitter deactivates bad URLs in links as soon as it realizes they are bad. Unfortunately, the bad guys keep changing the links.

One of the best ways to stop this is to let anyone know who sends you a link like this that they have been hijacked, and direct them to this blog post or to http://bit.ly/accountamiss. We need to help one another!

It’s important to teach people that spam-like messages might NOT be from spammers, but from innocent accounts that had their passwords hijacked. So when you see such a message, you may want to let the person know they’ve been hijacked.

Article continues below

Get 200% more clicks
on your Tweets

By Buffering Tweets, they are posted at optimal times giving you 2x more exposure.

Sign up for free

How Else Can My Account Be Compromised? Buffer this

Fake Emails “From Twitter”

First, if you think you’ve gotten an email that appears to be from Twitter.com but looks suspicious, forward it to spoof@Twitter.com. You’re helping catch and stop the spammers.

Never open an attachment or install any software from an email that claims to be from Twitter; it’s FAKE. Also, Twitter will never email you, direct message you, or @reply you asking for your password.

Friends Or Employees

If you’ve ever left your computer unattended, or had someone who accessed your Twitter account via an app, they could compromise your account.

Apps can remain connected to Twitter even after you change your password.

So if you are firing anyone who accesses your account via an app, you may need to do more than change your password.

Passwords Stolen From Other Sites

Whenever a website is hacked such that the hacker get user passwords, they often then try them on major sites such as Twitter, Gmail, Yahoo, Facebook, and so forth.

You can protect yourself by adding one letter to your password to make it unique for every site you use. For example, if your password is 123!_@Abc, simply make it 123!_@AbcT for Twitter, 123!_@AbcF for Facebook, etc.