Tuesday, 14 August 2012

When Twitter Goes BAD! Part 2: Dealing with spam, and being hacked

On the second day of Twitter week here on the Toolkit blog, we'll look at what to do when your account gets hacked (and how to reduce the chances of this happening in the first place) and dealing with spam.

This is actually Part 2 of a post from a while back; Part 1, on mistakes, mistweets and abuse, can be read here.

Help! My Twitter account has been hacked! 

Sometimes Twitter accounts get hacked - what usually happens next is that the account sends out Direct Messages (DMs) to your followers, with a link to something dodgy. The DM will often take the form of something designed to compel you to click the link - for example 'Some people online are saying really nasty things about you: [link]'. Obviously, if you receive one of these, don't click the link! And let the account-holder know.

If you find out that your account has been hacked:
  1. The first thing to do is change your password so the hackers no longer have access - just go to the passwords tab and choose a new one
  2. Tweet something to the effect that the account has been compromised, apologise, and advise your followers NOT to click on any links contained in DMs sent from the account 
  3. Go to your Direct Message screen and see who the spam messages have been sent to. If the recipient has already deleted the message it won't show up here - but that's okay, it's safe to assume they know it is spam and that's why they've deleted it. It's everyone else you need to worry about - so message all the remaining people DM'd by the hacking programme to say something like 'Please ignore the previous DM - our account was hacked but we have now regained control. Apologies.' It may take a while but it's the responsible thing to do to avoid people getting viruses on their PCs etc. - this is doubly important with an institutional account.
  4. This is a really key part - revoke access to 3rd-party apps. The most likely way your account was compromised is because some 3rd-party app which has access to your account has also been compromised. So for example every time you authorise another website to use your Twitter account - either to tweet (as in 'I just watched this video on YouTube' using YouTube's sharing buttons - or whatever it may be) or to analyse (as in, a statistics app has accessed your account to calculate where your followers are located or how often you get @ replies - or whatever it may be) - another app gets added to the list of programmes that in effect 'have' your Twitter username and password. If you go to Settings > Apps on Twitter you can see the list - it'll probably be a lot longer than you'd imagine for your personal account, but hopefully not THAT long for your library's account. One of these apps will likely be the culprit, so revoke access to every single one which you don't 100% need, or which looks like it may no longer be active, or is just in any way dodgy. If there's anything there you don't recognise, that may well be the culprit.
  5. Here are Twitter's own guidelines on the subject

If you can't log in because the hacker has changed your password, immediately request a password reset from Twitter, change your password, log in, then follow the same steps as above. Twitter's support page on that subject is here. If the hackers have also hacked your email so you can't even do that, then - well, you're beyond my help anyway. :)

Tweetbots, spambots, & spam tweets

Twitter has many accounts which are entirely automated - known as bots. Some are completely harmless - Shakespeare bots scan the Twitterverse for people quoting Shakespeare and quote some more back at them, for example. There are many, many spambots, however, which will tweet @ millions of accounts at once with a message and a link - as always, the aim is to get you to click a dodgy link. Quite often the message will be nonsensical and just a mixture of currently trending topics to try and hook as many people as possible - but sometimes they're a bit more subtle. Basically, if someone tweets @ you with a link, don't click on it unless you know the person or are convinced as to what the link is.

From an institutional Twitter account point of view, the important thing is to click the 'block' button (or the 'report for spam and block' button) so that the Tweet no longer appears in your timeline - because multiple people tweet as the library, and not all of them may realise what is a spam tweet and what isn't. Don't take any chances on someone clicking something they shouldn't, and just get rid of the tweet.

It goes without saying that if you're on the receiving end of one of the spam DMs discussed in the section above, this too should be deleted with all haste, and the links it contains should not be clicked under any circumstances.

There are certain types of spam which are completely benign - various bots comb Twitter for references to Shakespeare for example, and reply in verse. Once you start talking back to them, you can lose hours in conversation... 
