How to Practice Safe Tweeting

Avoiding Bad Links, Stealth Scammers and Sneaky Spammers

With more than 20 million people already using Twitter, it probably already feels as if everyone in the world is tweeting away. But that’s not true—yet. For instance, your mom probably isn’t on Twitter—yet.

On the Internet, great popularity comes with great vulnerabilities.

In August of 2009, a distributed denial of service attack targeting a Georgian blogger shut Twitter down for hours and made international news. Malware, worms and now botnets are all daily security concerns for the site. Eventually every annoying trick, trap and spam that showed up in your e-mail box will find its way into a Tweet.

Capitalizing on the trust we have for our online “friends,” criminals are increasingly targeting social networks. F-Secure Labs predicts even more threats targeting social media. So, stay on your toes! To protect your irreplaceable content and invaluable financial information, remember the following while you’re tweeting, re-tweeting and hashtagging away.

1. Be Prepared with Updated Software
Twitter is the new frontier of the Internet. It's like a "gold rush" boomtown; all types are floating through. Remember the same security lessons you got used to while using e-mail: Watch where you click; don’t sign up for/follow everything; expect a lot of silly forwards; never allow an unfamiliar program to install itself.

Your best precaution is an updated Internet security suite along with the most current system software. To make certain that all of your applications -- including Adobe Acrobat Reader, Flash, iTunes, Quicktime and RealPlayer -- are fully patched and protected, use the free F-Secure Health Check. It's easy.

2. Be Skeptical of Any Direct Messages

In about two minutes, you could create a Twitter account that impersonates almost anyone living or dead. Twitter has added “Verified Accounts” for celebrities, but no one is really verifying if that page was really put up by your co-worker Stu. That said, hackers probably aren’t going out of their way to impersonate your co-worker Stu. (But they might take over Stu's account to trick you into clicking on a bad link; we'll get to that in a moment.)

Give any Twitter you’re thinking of following a careful scan.

Check if there’s a respectable image; make sure all tweets aren’t entirely repetitive self-serving spam; see if there’s a reasonable follower to following ratio. Then, if you have an interest in their Tweets, follow away.

But don’t let your guard down.

You can never really know if any Twitter account has been taken over by someone with criminal intent. Hackers have hijacked accounts and used them to spread links to spam and phishing scams. We have also seen links point to malware sites where the end goal has been to steal online banking credentials or other personal information. You should be very wary of any link sent to you in a Direct Message. If you must click it, please first check it out with F-Secure's free Browsing Protection.

You can keep track of some current Twitter spam risks by following the official Spam Twitter. F-Secure's Twitter will also alert you to any immediate security concerns.

3. Extend Those Links
Now we come to the biggest threat on Twitter: the LINKS. As you know, once you click a link, you could end up anywhere. And Twitter is well aware that bad links have the potential to wreak some real havoc. That’s why they’ve started filtering for malicious links. But they can’t catch everything, especially because the 140 character limit demands that most URLs be abbreviated. Shortened links—even from Twitters you know and trust—can present a unique security challenge. Links from tinyurl, bit.ly and other services have, in rare cases, led users directly to infected files or phishing scams.

You can always expand the shortened links you find at LongUrl. The LongUrl Firefox Extension makes extending links easy. But that doesn’t completely eliminate the risk of landing on a site that has been infected, hacked or spoofed. So check any unfamiliar site with F-Secure's Browsing Protection.

Never trust a site that tries to install any software or pretends to be scanning for malware without your permission. If you are seeing persistent pop-ups or you notice that a program has installed itself on your PC, immediately run F-Secure Online Scanner for free.

4. Protect Your Passwords
Once a hacker has your password, you’re completely vulnerable. So guard your little jewels jealously.

Most importantly, you should use different passwords for every account you have. Your passwords should be complex and not based on any readily available information like your kids' or pets' names. It's a lot to keep track of, but you can write them down. Prevent your browser from remembering your passwords, and practice good password hygiene by changing your passwords every few months.

Finally, once you stop using an e-mail or social networking account, delete it.

5. Assume It's a Scam
Your bank probably isn’t going to contact you through Twitter—but someone pretending to be your bank or PayPal or a credit card company may. Verify any financial concern directly with your institution. Don’t trust anyone that’s asking for financial help or telling you how to get more followers fast. Scams usually seem pretty obvious in retrospect, but the reason they exist is that they work! Smart people lose themselves and slip up. Don’t be one of those people.

6. Protect Your Privacy
A good question to ask yourself before you Tweet anything is: Would I say this in a room of strangers?

Unless you “protect your tweets,” everything you post goes into the public timeline. So never share sensitive or confidential information—including your e-mail address. Specifically, don’t announce vacations or even too many details about your schedule in advance or while you’re away from your home.

Tweets about layoffs, drunken behavior and how someone looks in a certain dress may be fun at the moment. But your online history lasts forever so you never know who’s going to see your page. On that note, be careful about using any social network when you’re mad. Before you tweet anything in anger, take a deep breath and remember that your mom may have just joined Twitter.