Scam, scam, scam — it seems that everywhere I go these days (online) there’s another scam just waiting to entrap me.
Twitter scam. Don’t click that link!
This morning it was Twitter. One of the people I follow had sent me 2 Direct Messages inviting me to click on a link.
The messages looked suspicious.
While I follow this person on Twitter we’re not close friends, or even actually acquainted. Why would they send me messages like this?
Luckily I knew better than to click the links. Just as well, as I could have been in trouble.
The magic portal
While a hacked Twitter account isn’t highly desirable, it’s a doorway to a greater prize, as MSNBC explain:
When the link is clicked, it could ask the user for his or her Twitter password and log-in information.
It’s not so much that a crook wants to read why you’ve written on Twitter, or start postingyour tweets. Rather, criminals are looking to see if your account information is the same for other accounts, including those for banks, where the reward for such phishing is more lucrative.
[Via : Twitter phishing ploy goes for ‘Direct Messages’ - Security- msnbc.com.]
Compartmentalise your passwords
When I watch crime shows on TV they sometimes talk about information being ‘compartmentalised’. Apparently that means that you only know as much as you need to know, and sometimes not even then.
Against the rules of Plain Language, I chose my heading above, so it would draw attention.
The thing is, that anyone could click on the links in those Direct Messages. I was tempted to at least find out what was at the end of one of them. If you click the link and enter your Twitter details then the bad guys have access to your Twitter account. Big deal: they could annoy all your friends and followers.
But if you use the same login information for your bank, your websites, your PayPal account, then you could be in big trouble.
Keep your passwords separate.
Compartmentalise your passwords. Use one password for one bank and a different password for another, and a different password again for Twitter.
1Password makes it easy
Of course, you won’t do that. It’s too hard. Before you know it you have 100 passwords to remember. You just write them on a sticky note and attach it to your monitor, so anyone at all can hack your accounts.
Or you buy 1Password (for Macs, 20% discount for a day or two still — see my last Post) and use ⌘ \ as your password for everything, secure in the knowledge it’s safe.
Honestly, I use 1Password 50 times a day. I’d be lost without it.
Beware the weird
And a final note of caution: if someone you don’t know sends a message asking you to visit a web page, treat the link with caution. They may be sending you to a site that will try to add viruses and other bad stuff to your computer.
And if that site asks for login for a service you use don’t do it. Just back away.
KnowIT by RSS
Good Advice Miraz,I actually got Suspicious a few Weeks ago About one of these Messages. I am not a Mac user but I am sure I will Find a Linux alternative to this 1Password. But as for these False login Pages I done a Whois on the Domain that tried to Hack my Twitter Account and the Results were Very Surprising as the Register Had Some 900 domains Registered. I also seen that the Fake site had Many Mistakes in the Navigation but the Landing Page Would have Been Enough for an Unsuspecting User to Input His/Her Login Information
Thanks Chris. It’s just so rotten that we have to watch every step we take on the Internet, with so many scammers working really hard to deceive us.
Add your Comment