Lately my direct message inbox on Twitter has been flooded with people I don’t know informing me that they have found a picture (or video) of me. Sometimes they seem concerned: “Someone is posting a pic of you all over Twitter ;( link2pic here (link).” Others seem to be amused by what they have “found,” including an LOL somewhere in the direct message.
While the ignorant may also be concerned (or concerned at their amusement), these messages are examples of the latest in Twitter spam. While it’s important to realize that for someone to direct message you that you are following that person, these messages are a by-product of a chain of phishing and hacking. Should you be so curious what that picture is of, you may find yourself a victim of Twitter password theft or account hijacking, lending your account to an automation that sends out similar messages.
Unfortunately, these scams are not as obvious as someone in Nigeria claiming they have $1 million dollars for you (though I’m sure if such a scam could fit into 140 characters, we would also see that utilized). The best way to prevent yourself from falling victim to Twitter scams — especially ones that say that your personal privacy has been invaded — is just to not click on any links from total strangers. If some rogue picture from a party in college is indeed making its rounds on the Internet, you can be sure your friends and family will tell you. Your best bet is to not ever click on masked (shortened) links from strangers that go to an unknown source while using Twitter.
If you have already fallen victim to Twitter spam or a scam, be sure to change your password immediately if you can still access your account. If you cannot, try to recover your password and have the password sent to your email. If your account has been truly hacked, contact Twitter Support and choose Hacked or phished account as the subject of your request. Twitter asks that you use the email address you associated with the hacked Twitter account in the request, and it will then send additional information and instructions to that email address. Don’t forget to include both your username and the date you last had access to your account.