February 26, 2012

I've Been Twacked! (My Twitter Account Was hacked)

from Google images
Well, I guess it had to happen: my Twitter Account was hacked into about a week ago, ruining the beginning of my satisfying retirement week. I opened a Direct Message from a blogger I am friends with just before going to sleep, and all heck broke loose while I slept. I woke up to all sorts of Tweets from followers accusing me of being a robot, an idiot, or other charming names. Others were kind enough to suggest my account had been compromised.

I opened my Direct Messages and saw hundreds of bogus messages sent out in my name. As fast as I deleted them more kept coming. They all said the same thing: Did you see what this Tweet said about you? This was followed by a shortened link. Clicking that link took someone to a Romanian web site that promptly stole that person's password and sent the same message to everyone of their followers.

A nightmare!

The account had been so screwed up I couldn't even sign in to change my password. Apparently, the phishers had changed my password blocking me from my own account. Eventually, I managed to get to a Twitter help screen to submit a form to change my password. Of course, that meant changing it for several other sites, too. And, just to be safe I changed the password on my Google account so this blog couldn't be hijacked or spammed. Next, after about half a dozen attempts I managed to deactivate my Twitter account. The hope is by changing passwords and closing down the account for awhile, the computer that was flooding the world with my name would go somewhere else. I also deactivated all third party apps that interacted with Twitter.

Perhaps you are wondering why don't I just move on and forget Twitter? Simple: promotion. Twitter is an important source of traffic to satisfying retirement blog. I use it to promote new and old posts on this blog. I take interesting articles from my two daily e-newspapers and provide links. I exchange tweets with followers. So, while I can live without it, losing Twitter would hurt my blog's growth.

Update: After waiting several days, I reactivated my account. So far, so good. But, I will never again click on a link that appears in a direct message...too much spam and too easy to compromise my account.

What to do if this happens to you:

  1. Change your twitter password
  2. Revoke all third party apps
  3. Tweet apologies to all followers
  4. Tweet specific message to be on lookout for
  5. If this doesn't send the spammer packing, deactivate your account (have up to 30 days to restart without losing followers and Twitter name)
  6. Wish the spammer a painful and near-fatal skin condition

How about you? Ever been hacked, or password stolen? Ever had anyone mess with your on-line bill paying? Share your experiences and what the outcome was. We can all learn from each other.


  1. What a nightmare. I clicked on one of those "Did you see what this Tweet said about you?" DM's awhile back and my virus protection software started going crazy and wouldn’t allow me to access the link. I did think while clicking it was odd this particular, popular tweeter would send me such a personal DM. Sounds like my virus protection saved me a whole lot of trouble. I've gotten similar messages since, but never attempted to click on one again. You are performing quite a service getting the word out.

    1. My mistake was I clicked on the link from my phone just before bedtime. My anti virus program on the computer would have probably saved me, but the phone didn't. Like you, I got the DM from a blogger I trusted so I didn't think about it.

      Because of this experience I will never open any link in any direct message ever again.

  2. Oh dear. I was just nervously poised on the brink of opening a Twitter account and now I read this! It might be a sign that I don't need to go there yet. I will start with Facebook--I'm already anxious about even that! Can we say move into this century?!

    I'm so sorry that happened to you. What a frustrating way to wake up!

    1. From what I've read since this incident Twitter's security isn't the best for keeping dedicated phishers and spammers out. Facebook's biggest issue is protecting your privacy. Be very careful what you share on FB and be aggressive in your privacy settings.

      Thanks for your concern, Galen. We live in a world with some very unpleasant people. They desperately need your 10 steps to finding their happy place.

  3. Bob,

    Thanks for the warning. You might remember I got my blog hacked and had to pay my tech guy to fix it as I thought I'd lost all my posts forever. Good thing you are tech savvy. Is it all back to normal. I thought you were going to have to start from scratch with a new Twitter handle etc.

    1. I do remember that. In fact, as soon as I determined the extent of the Twitter problem, I immediately changed the password to my Google account (gmail, blog, etc). Even though it wasn't the same password as Twitter, I didn't know yet if someone had stolen key strokes as well as just compromising Twitter. So, better safe and sorry and lose almost 2 years of work.

      What bothered me the most was the potential damage to my reputation if people thought I was behind the "attack."

    2. I understand that. But as we know you, we wouldn't assume that. Perhaps only your recent followers.

    3. I was called some choice words by a few people on Twitter but no readers of this blog !

  4. Bob,
    Have you posted about your Twitter strategy. I have yet to understand and take advantage of Twitter. I'd love to know more about how you use it.

    1. I haven't devoted an entire post to my strategy, but I think I can summarize it in a few sentences here:

      1) It is an important promotional tool for this blog. I tweet about each new post several times while that post is in first position. I also use Facebook and Google+ for the same purpose but get quicker response from twitter.

      2) I tweet about older posts that generated strong comments and views several times a week to generate fresh reads.

      In both cases I can see a direct increase in traffic to the blog. It is especially noticeable with older posts.

      3) I pull articles from my two promotional newspapers to promote both the papers and my "expert" status with tweet links..usually 5 or 6 a day.

      4) I interact with other folks, retweeting their stuff, replying to their tweets, or making a comment to build up a following.

      5) I follow every list that follows me..at last count 55 lists.

      All of this doesn't take more thn 30-45 minutes a day.

      Hope that helps, Ralph.

  5. What a headache! I've been hacked on Twitter, FB, and Google+ at different times. None of my experiences were as extreme as yours. I was able to change my password on twitter right away and not experience any further problems. But like you, I try to never click on a link in a DM that seems suspicious at all.

    The problem I'm finding is remembering my new passwords. It's now an issue of having almost endless numbers of passwords since there are so many different online activities.

    It's interesting to hear your twitter strategy and experience in terms of traffic. Something seemed to change about twitter 6-9 months ago; I don't find it nearly as effective for blog traffic now and I've heard other people say the same. But then others love it madly!

    1. I use twitter to accomplish a specific goal. If and when that no longer works I'll drop it because it does take time each morning to maintain the information flow.

      Passwords do become a pain. I have a dozen or so and change the ones connected to on-line brokerage and banking accounts on a regular basis, but the others tend to stay the same for too long. There are software programs that store passwords, but I'd never ever do that. Someone hacks that account and my whole life could slip away.

      I guess hacking is a certain sign of popularity or being visible in the cyberworld, but we could all live without it.

  6. Thanks for sharing your tips, Bob! It can be helpful to us if we limit the visibility of our account. That way, there would be less chance of being a victim of the spamming and the likes. Anyway, the tip #6 is really the best! ^__^

    Annie Valdez


Inappropriate comments will be deleted