Hacked Twitter Account
October 15, 2013 6:00 PM   Subscribe

My old, dormant Twitter account recently started sending out direct messages to everyone on my list with spammy stuff. This happened within the last hour, and I just deactivated the account. The password for the Twitter account is different than the password for the email account that I set it up with. The password on the Twitter account hadn't been changed, and no tweets were sent from it (only DMs). Is this likely a third party app jacking the Twitter account (and therefore isolated) or should I be concerned about the establishing email account as well? I ask because this is my primary gmail account.
posted by codacorolla to Computers & Internet (5 answers total)
In your settings, check your 3rd party app permissions. Likely some malicious website tricked you and Twitter into giving it permission to post.

You can (accidentally) give applications these permissions without giving up your password, likely that's what happened.
posted by straw at 6:19 PM on October 15, 2013

That happened to me about three weeks ago. Reset the password and kill third party app permissions. (I know when it happened because I had to look it up when Twitter force-changed my password this morning. Apparently it's going around.)
posted by immlass at 6:26 PM on October 15, 2013

If you have a cell phone with text messaging, you should also check out 2-step verification for some peace of mind.

Basically, it texts you a code that you must type in to the computer before you log in. It acts as an extra layer of security (they must have access to your texts, as well as your password, to log in to your gmail account) and a notification in case someone attempts to log in.

The site mentions Android phones specifically but it works on other phones too (I have an iPhone).
posted by o310362 at 7:34 PM on October 15, 2013

If your gmail account has an entirely different password, it is extremely unlikely that the gmail account is compromised: it is just a place that messages are sent by Twitter, Twitter never had the Gmail password, so hackers can't get into your email. My Twitter was suddenly compromised this past weekend, it showed a "Twitter for IOS" third-party connection I never authorized; I changed my password and disabled the third-party app and all is good, but I never worried about my email account once, because they're not really connected.

(One thought: if they got into your Twitter account, they know your email address and probably your name, so be vigilant if you get any notices from Twitter: they might be phishing emails from whoever compromised your Twitter account trying to regain access)
posted by AzraelBrown at 7:35 PM on October 15, 2013

For peace of mind alone (since it's unlikely your mail account was compromised), I STRONGLY recommend to my friends and family that they look into Google's Two-Step Verification. It makes it much harder for a baddy to seize control of your accounts, and is not a huge imposition in terms of extra stuff you have to do.
posted by jenkinsEar at 7:56 PM on October 15, 2013

« Older Help me name my new cat?   |   What's the best paint color on my wall? Newer »
This thread is closed to new comments.