Twitter account hacked

June 23, 2009

Please be very careful where you dish out your Twitter credentials. There are so many sites that claim to offer you little knick knacks, the best of course being the esteemed “thousands of followers, just key in your details here”.

Most of them are full of crap, and I have witnessed first-hand how a friend’s account was hacked. I was suddenly getting a plethora of lewd messages about “come watch me play with my 12inch toy LIVE”. (Are they talking about the new Optimus Prime Transformers toy?).

transformers-toy

But since her username was changed to sexaddictchik, I gathered it wasn’t the transformers toy. They didn’t change her real name, so I was able to contact her and alert her to this account takeover. If they had done that, I don’t think I’d be able to tell who it was.

twitter-hacked

In summary, ensure the site you key in your Twitter credentials at is a reputable looking site, and others have used it too. If they promise you too much, they probably are lying. If in doubt, don’t key in your username and password anywhere except the main Twitter site.

UPDATE: 5:49pm, 23 June 2009. Yet another account has been hacked.

twitter-hacked2

by TheBackpackr |
View Comments |
Social Media, Technology
  • http://euveng.com EVo

    That’s true man. people tend to forget about this and pay more attention to phishing links from banks only lol.

  • http://www.dannyfoo.com/blog Danny Foo

    Well, let’s hope her password wasn’t one of the most common used ones. Otherwise, like internet banking – never give out your username/password to unbelievable sources.

    Or, you can just tell her to check with you on certain things for confirmation if it’s a phishing scam. :)

  • http://www.chewak.com Lisalicious

    i just got my gmail account hacked and luckily i was able to recover it back..!!!!!

    haiyo the pain!!!!

  • http://liworld.blogspot.com Jing-leBelle

    It’s scary man..
    I think it’s time to take it serious like bank account number?
    I don’t wanna register new account again and add all over again >.<

  • http://blog.bitfluent.com Kamal

    As a matter of principle, you should never ever give out your Twitter username/password to any third-party site. Twitter has rolled out oAuth which allows third-party applications to do interesting stuff on your behalf without requiring the users giving up their passwords at all, for example the iranelection avatar tint, posting on your behalf (think twitterfeed). There is no excuse for sites not to implement this.

  • http://www.integricity.com The Backpackr

    Kamal: Thanks for the authoritative view on the principles of passwords, though to be honest, some services have yet to implement oAuth, which is a pity. I’m sure it’s a matter of time.

    Lisalicious: Glad to hear you got your Gmail account back. Do be very careful with where your personal information is stored.

blog comments powered by Disqus