What @Twitter *could* be doing to protect our security. A study in responsibility.

by Christopher Foley on January 21, 2012

How many times have you seen this DM in the past month?

If you’re a casual Twitter user you may not find this sort of thing to be much of an annoyance.  After all, you may not even pay attention to your DMs. If you do, you may be bright enough not to click on any links sent to you by strangers.  If you’re a professional brand-manager, as I am, this situation is more than just an annoyance.

I receive this message, and many other similar phishing scams, up to 30 times per day across the handful of channels I monitor.  The barrage of spam DM messages basically renders my entire DM channel useless to me, and it fills my iPhone Notification Center up with garbage, such that I miss important communications from the brands’ customers, vendors, and PR personnel.

I’ve seen a few individuals rail directly at Twitter from time to time about doing more to close down spam accounts, bots, and other malcontents who are pissing in the Twitter stream, and that made a lot of sense until quite recently.  Now that doesn’t make a lot of sense, and here’s what’s changed:

It used to be that these garbage DMs and spam-link @ mentions were coming almost exclusively from fake profiles created, often in bulk, by spammers and folks pushing botnet links.  Now, these messages are coming from YOU.  That’s right.  There’s a new strategy in town, and that strategy targets the profiles of legitimate Twitter users, susses out their user/password combination, and then sets up an Auto-DM sequence with one of the many such services, sending out bulk spam DMs without the profile owner ever knowing that they’ve been compromised.

Would you like to know whose fault it is?  Are you sure?  Okay, here it comes. 

This is your fault, because your password sucks.

That’s right.  No matter how many times you’ve been told, or you’ve read that you need to create truly secure passwords, you do not.  You’re lazy, and/or you’re convinced that you can’t remember a complicated password.  And now you’re polluting everyone else’s online experience.

Most users I’ve talked to about this don’t realize that the spam DMs are coming in from real profiles.  You’re running the risk of being blocked and reported as a spammer, and you’re damaging your own brand.  How do you like that?

So, are you still reading?

Good.

Twitter could start holding users responsible for their accounts being hacked, but they never will.  Fixing Twitter is up to us.

Now go and change your password to something secure.  Remove any installed applications that you’re not currently using, or that you can’t recall installing yourself.
