On Friday morning I started to get some new Direct Messages on my account (see examples in image) with phrases like:
“Want to lose any weight? go here: [link removed] best product for losing weight”
And then later,
“You seen what this person is saying about you? [link removed] terrible things..”
The first one of these is a link to yet another ‘Acai Berry’ site, but I’m pretty convinced the people who tweeted me didn’t know they were promoting this product through their direct messages.
The second one is out of action this morning; however, it links to the domain tivvitter.com, which has been associated with StalkTrak, a bogus app that purports to let you ‘see who stalks your Twitter’ and was active last summer.
The StalkTrak scam presents you with an ‘Authorise StalkTrak to use your account?’ page, similar to legitimate Twitter authorization pages, which requires you to enter your Twitter login details. The purpose of the page is simply to steal your login so that your account can be used to spread the messages to your followers via public and private messages.
Background Information article from last July (don’t rely upon the information, it is going to be out of date).
Recent verification of the scam at PhishTank
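A link to a look-alike domain such as tivvitter.com can be caught mechanically before anyone clicks it. The following Python is an added example, not part of the original post: it folds visually confusable character sequences (such as "vv" for "w") and flags any host that then sits within one edit of twitter.com. The confusables list, the trusted-domain set and the function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the only brand protected here is Twitter; extend the set as needed.
TRUSTED = {"twitter.com"}

# Constructed list of look-alike sequences folded before comparison.
CONFUSABLES = [("vv", "w"), ("rn", "m"), ("0", "o"), ("1", "l")]


def skeleton(name: str) -> str:
    """Fold confusable sequences, so 'tivvitter.com' becomes 'tiwitter.com'."""
    for fake, real in CONFUSABLES:
        name = name.replace(fake, real)
    return name


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance using two rows of the dynamic-programming table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable(host: str) -> str:
    """Last two labels of the host; adequate for .com, not for co.uk-style suffixes."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def classify(url: str, max_distance: int = 1) -> str:
    """Return 'trusted', 'lookalike' or 'unknown' for the host in a link."""
    host = urlsplit(url).hostname or ""
    domain = registrable(host)
    if domain in TRUSTED:
        return "trusted"
    for good in TRUSTED:
        if edit_distance(skeleton(domain), skeleton(good)) <= max_distance:
            return "lookalike"
    return "unknown"
```

A result of 'unknown' only means the host does not resemble a trusted name; it says nothing about whether the site is safe.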
Twitter is waging an ongoing war against spammers and hackers. I wrote about this here and here. It isn’t surprising that with such a large community there are some attempts to do this, so let’s look after each other.
What if I’ve been Hacked?
If you believe that your account has been compromised and you have given away your login or authorized an app like this, or if your account sends out messages you didn’t authorize, there are two things you must do.
1. Revoke access to the applications that already have access to your account. Do this by visiting the Applications tab in Account Settings (when you are logged in).
2. Change your password. If you can’t log in to your account anymore, request a reset of your password to be sent to your email address.
What if a friend sends me these messages?
If you come across someone who is sending you unsolicited Direct Messages – why not send them a link to this page so they know what to do?
Nice one, I’ve been seeing loads of these DMs recently, really annoying for all involved. Didn’t know about the applications section of my account, totally makes sense, interesting to see how many sites I’ve given access to!
Zain Lilly says
Thanks a lot for the article post. Thanks again. Great.
Don’t forget to delete the tweets your account has sent out, thereby removing the chance someone will click on the link and spread the problem. It is possible to delete DMs and public messages.
Thanks Su – I think at least 50% of the DMs I get at the moment are these!