Have you been Tweetjacked?

Image representing Twitter as depicted in Crun...
Image via CrunchBase

Whether or not you are on twitter, this post may seem a little out of place for a lean blog.  Rest assured that I’m still very focused on lean; however, twitter has been the source of a growing number of visitors to our site and I feel compelled to share my experiences and help to serve the twitter community.

Not too long ago, I learned a few valuable Twitter lessons and, in the spirit of lean, I decided to share them here.

  1. Twitter imposes limits on the number of accounts you can follow
    • 2000 and account dependent
    • 1000 maximum per day
  2. Tweets can be hijacked or, in twitter terms, #tweetjacked.
    • Link Jack – Your link is replaced by another potentially offending link.
    • Chat Jack – Someone disrupts a chat and attempts to change the topic.

Although a tweetjack may not appear to be quite as dramatic or newsworthy as a security breach on Facebook, Sony, or even Google, it could be.  As we have learned over the past few months, the effects of one single “controversial” tweet can be quite damaging even to the extent where careers are destroyed and lives are ruined.

At a minimum, we owe it to ourselves to be aware of potential threats and how to avoid them to protect our online reputation.  I will only focus on the Link Jack since Chat Jacks occur in real time and the offending account can be dealt with immediately, including blocking if necessary.

I will qualify this discussion by noting that “tweetjacking” as discussed here is a rare exception to my overall Twitter experience.  Twitter has enabled me to connect with many amazing people from around the world and the benefits of knowing them exceeds any of my expectations.

What happened?

In a strange, ironic way, lesson #1 and lesson #2 are actually related.  Lesson #1 was the reason for updating our Twitter – Tips, Tools, and Helpful Hints page.  Lesson #2 occurred after I posted the following tweet:

Original Tweet as Published

Once published, anyone on twitter can add or modify the message and retweet (RT) it to their followers. To avoid giving any further credence to the original “perpetrators”, I created the following retweet (RT) using my twitter account:

TweetJack Example

The Look of Innocence

At first glance, the RT above doesn’t appear to be that much different from the original. To the naive and unassuming, everything appears to be in tact with a few exceptions:

  • Added Text:
    • It is common for people to add a comment or #hashtag to your message.  This may be to reflect their own opinion or endorsement as a means to entice their followers to read it and click on the link.  In this case, “Lessons Learned” seems to be appropriate.
  • Truncated Message:
    • Messages that are longer than twitter’s maximum of 140 characters can be shortened using one of many services available such as bit.ly.  “deck.ly”, the default for TweetDeck was used to shorten the message in this case.
  • Link Jack:  Different URL (http://….)
    • Even if the message is not shortened, the link in your original message may be replaced altogether.  In our case, the link “wp.me/Pnmcq-tK” would simply be replaced by another link.  In our case, the link to my intended page was replaced by a link that led to a completely different web page.
  • Unknown Twitter Account
    • If you don’t recognize the Twitter Account that sent the RT, you may want to check that out too.  It is not uncommon for a “bot” to automatically retweet or RT messages containing specific #hashtags or key words.  For example, there is a “bot” that automatically retweets messages containing the word “Toronto”.

It is common for tweets of interest to be retweeted (RT) by others in the twitterverse.  Once a tweet is published, it is in full view of the public domain, including search engines like Google!

What can we do to protect our content?

Twitter is an open platform where we rely on the integrity of everyone in the twitterverse.  To my knowledge there is no way to protect your tweet from changes by others.  Perhaps an opportunity exists to “protect” the original tweet from being tampered or modified.  Until that time arrives, here is a short list of suggestions that may help:

  • Keep your tweets short
    • Others can retweet (RT) without having to “shorten” your message.
    • This makes it easy to compare the RT or retweeted message to the original
  • Verify content
    • Check the links in the messages you receive before retweeting them to your followers.
    • Don’t retweet a message simply because you recognize the account name!
    • Remember, with a link jack everything looks as it should – only the URL has been changed
  • Protect Yourself
    • Do not leave your twitter account unattended or “open”.
    • It is a simple matter for someone to create a tweet
  • Beware of hackers
    • They may have a vested interested your twitter account
    • Change your passwords frequently
    • Use OAuth to allow third party twitter services to access or your account
  • Beware of others
    • People may have a vested interest in your account as you gain more followers
    • People like to follow celebrities
  • Verify Your Followers / Accounts You Follow
    • Don’t follow accounts just because they follow you!
    • Validate your followers
      • Don’t rely on services like http://truetwit.com
      • Verify Age of Account
      • Number of Tweets
      • Last Tweet
      • Frequency of Tweets
      • Tweet Content
      • Number Followed / Following
    • Block Unwanted accounts
  • Report Violations

In conclusion

Establishing an online presence and meeting new people can be challenging for anyone, including business. Is the content reliable? Is the source credible? Who can you trust? Who can you believe?  In the online world we simply don’t have the luxury of saying “time will tell” and more often than not, we learn that our “interests” have been compromised after the fact.

At the very least, be aware that tweetjacking could happen to you.  As you become more popular in the twitterverse, some people may take advantage of your account to serve their best interests only.  Rest assured I won’t be one of them.

Have you experienced tweet jacking? Feel free to share or comment on your experience.

Until Next Time – STAY lean!

Vergence Analytics
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s