Join the Twitter Safety Movement

Online Threats, Web

Security and safety are probably the last things you want to think about while using Twitter. Unfortunately a steady stream of security issues including a recent spate of phishing attacks can’t be ignored without putting your PC, your friends and even your identity at risk.

Twitter recently took a major step with a Twitter-branded URL shortening service that will filter links—Twt.tl. But your safety is still at stake.

We can expect more phishing attacks, more scams, more social engineering schemes that take advantage of the faith we have for each other. And now that Twitter results are integrated into Google, Bing and Yahoo, these attacks jeopardize the integrity of search results across the web.

But you, and everyone on Twitter, can make a difference. The same tools that criminals use to rapidly spread their frauds can be used to protect us.

By just committing to using Twitter safely, you’re joining the fight. Check out this article for some basic tips on using Twitter safely.

If you want to go a step further and be an active force for safety on Twitter, we invite you to join in on an experiment we’re starting—the Twitter Safety Movement.

It’s no huge commitment. But by joining up, you’re simply stating your commitment to help keep Twitter safe by following through on some basic suggestions.

  1. Follow Twitter’s Spam and Safety accounts for updates. When you see warnings your followers should know about, RT them.
  2. Check any links before you share them. Use our free Browsing Protection to make sure they’re safe.
  3. Tweet  any suggestions you can find to promote strong passwords and other security basics.
  4. Report any scams that you come across immediately.

If you’d like to be a part of this experiment, just put a link to your Twitter account in the comments of this post or contact the F-Secure Twitter. We’ll add you to the Twitter Safety Movement list where you can sync up with other safety-minded tweets.

Of course, we can’t vouch for everyone who’s on the list. But we do believe that the technology that makes Twitter so appealing for connecting and sharing can also be used to make Twitter a safer place.

Or, at least, we can give it a try. Either way, we’re all in this together.

Cheers,
Jason

Tags

Rate this article

0 votes

26 Comments

Thanks for the tip. I didn’t know about @safety and @spam. I followed both, and reported a string of 30 identical spam messages from 15 or so spam accounts (whose other posts were clearly spam) that cluttered up my “Dallas Karaoke” search results.

I probably won’t tweet tech stuff with my @Tequila_K account, though. I spend my days coding and debugging… the Karaoke is for fun! But I’ll also make doubly sure not to *spread* spam with ill-advised RTs.

Don’t report spam to @spam any more! This is out dated and incorrect information.

You need to either report spam using the link on the site or by using a client that uses the appropriate functions in the Twitter API.

Only click links from people you trust. Don’t use automated follow programs and sites or pyramid style follower builders. BUILD YOUR FOLLOWERS MANUALLY!
Most good Twitter clients will now display the actual end links from common end short link api’s like bitly before you click them.

Don’t authorise your account against any application unless you’re sure you can trust it. Do not use applications/site that request your username and password. oAuth applications are much more secure.

Do use a good Antivrius program (take your pick there are plenty to choose from, read up on the latest tests of A/V products to find the most appropriate for you), but this is good advice for whether you use twitter or not.

DO NOT add links to third party product websites or other twitter account to your profile – other user will consider your account to be compromised or a spammer if you do this, no matter how well meaning they may appear when you decide to add them.

Stephen,

Thank you for taking the time to share such useful advice.I especially appreciate your suggestions about sticking to oAuth apps. And updated security and system software is definitely essential for any web use.

I have to remind myself to check http://twitter.com/settings/connections every once in a while to disable any apps I’m not using.

When you say, “DO NOT add links to third party product websites or other twitter account to your profile – other user will consider your account to be compromised or a spammer if you do this, no matter how well meaning they may appear when you decide to add them,” do you mean in the Bio text?

I don’t think I suggested reporting to @spam, just following it. But I should have been clearer.

Let me know if we can add your Twitter to the list.

Jason

A question about Twitter security. I’ve noticed that they require you to log in again at the drop of a hat. If I’ve logged in at work (with “Remember Me” checked), then I log in at home, it “breaks” the log in from work — I have to log in again. I see what they’re trying to do, of course: they don’t want people using public Internet terminals and leaving themselves logged in.

But are they causing people to get so used to logging in to Twitter, that they’ll enter their credentials at a fake site without thinking? Does that lead to the sort of problem described over at the F-Secure Lab blog ( http://www.f-secure.com/weblog/archives/00001911.html ), where a malicious link leads to a fake login screen?

Is there a “best practices” for supporting logins from multiple locations?

That’s an excellent question. I’ve noticed the issue being logged out often, and I tend to appreciate it since it’s sort of a way to track account use. I’ll try to get a you a technical response to the issue of best practices.

I do think that the multiple logins along with the numerous apps that access the Twitter API have made users more willing to enter their login information. That’s why Stephen’s point about only using oAuth applications that access your logged in account directly is so good.

Encouraging users to only use oAuth applications or to ONLY login into your account on the Twitter.com domain should probably be the 5th suggestion for people interested in Twitter Safety.

Jason

This is a great idea. Using a twitter community to keep everyone updated on safety. This plays to the strength of twitter. Count me in. Best of luck. I hope this group flourishes.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

You might also like