Twitter attackers can prey on their victims from affar

Reviewing my Twitter followers to get rid of obvious fakers/spammers, I found what could be a new (and stealthy) means for attackers to find easy prey: search for people who follow others too willingly. This is twist on the straightforward search for victims which would simply attempt to lure you into following them by first following you. What I'm describing is one step removed from that, somewhat of an indirect attack in which other attackers can hone in on you by looking at who you have chosen to follow.

One source of this problem may come from the blind trust that people have in this new media leading them to follow others without a second thought. The other may be due to your own doing; if you use a tool like Twollow to automatically follow people based on certain keywords, you could easily find yourself following some nefarious characters whose aim may be to trick you into clicking on a link.

FYI, faker/spammer are usually identifiable by a combination of empty accounts with fake names, no updates, no followers, or bios which point to obvious spam (or worse, phishing) sites.

Ultimately, there is no substitute for common sense - before following someone who just started following you, review their Twitter profile, their post activity, the kind of people that they follow and who follows them.

NetworkWorld has a related post on 3 Ways Twitter Security Falls Short.

No comments: