Barely used twitter account followed a bunch of people... was it hacked?
November 16, 2014 2:00 PM   Subscribe

I have a barely used twitter account. I looked at my profile for the first time this year and noticed I was following almost two thousand extra people. I changed my password (I used a password there I don't use elsewhere). As far as Spybot and Avast can tell me, I haven't gotten any unwelcome visitors. I'm more curious than worried, honestly. Was my twitter account hacked or is it possible to make a user follow someone without hacking into their account? Also, do I have to manually unfollow everyone or is there a quicker way to do it?
posted by Kattullus to Computers & Internet (14 answers total) 3 users marked this as a favorite
 
If your Twitter account was hacked, I doubt it's because someone went onto your computer, so Avast and Spybot won't matter. If you are following people you never followed, it probably was hacked though -- my guess is your account was used by services that charge for follows and you are being used to follow paying customers.

Change the password and also check your app authorizations to make sure it's not connected to some service the hacker may be using. On Twitter, Settings > Apps. It doesn't sound like you actually use your Twitter account, but I have two-step verifications so any login requests from unusual IP addresses are sent to my cell phone for approval. That's in Settings > Security & privacy.

Twitter does not have a built-in way to unfollow everyone. You can use an app like ones at tweepi.com or justunfollow.com. (I cannot vouch for these. I just saw them when I googled "unfollow everyone on Twitter.") When I use apps for stuff like that, I will authorize it to do what I need and then unauthorize it afterward. (Again, in Settings > Apps.)
posted by AppleTurnover at 2:06 PM on November 16, 2014 [2 favorites]


This happened to my friend's barely-used Twitter account. We started to remove them one by one (they were all Italian soccer players and related), but there were so many and the account was so little-valued we decided to just close the account.
posted by bleep at 2:08 PM on November 16, 2014


This happened to me about six months ago, I was suddenly following lots of accounts in Arabic (a hundred or so, not 2000). I had to remove them all by hand, and I changed the password, but I never did find out how it was originally compromised.
posted by dilettante at 2:13 PM on November 16, 2014 [2 favorites]


Response by poster: Yeah, as far as I can tell this happened about six months ago (I got a strange direct message then, which I ignored). There are lots of accounts in Arabic, but also gossip sites, Zappa fans (oddly enough) and the occasional shady account (escort services, mostly).

I was considering closing my account, but it still has a little bit of use for me, so I'm just going to remove all those unwanted follows by hand.
posted by Kattullus at 2:26 PM on November 16, 2014


I had this problem a couple of years ago. It's strange that so many people have had this kind of thing, my passwords are not composed of dictionary words. I wonder if Twitter might have a long-standing security flaw they don't know about, or maybe had one once they never mention to people....
posted by JHarris at 2:29 PM on November 16, 2014 [1 favorite]


Response by poster: Oh, and I checked "Settings > Apps" and there's nothing untoward there. Just Mobile Twitter.
posted by Kattullus at 2:29 PM on November 16, 2014


Best answer: I've seen this happen when a friend too received a strange direct message, and without even thinking about it, logged in to see it. But he obviously wasn't logging in, he was being phished. Are you absolutely 100% positive that six months ago, you weren't prompted for your password when you got that weird DM? The Twitter phishing pages I've seen are extremely convincing. Some of them look exactly like a real Twitter login page.
posted by primethyme at 2:43 PM on November 16, 2014 [1 favorite]


Response by poster: primethyme: Are you absolutely 100% positive that six months ago, you weren't prompted for your password when you got that weird DM?

That could well have been the case, but I don't remember.
posted by Kattullus at 2:46 PM on November 16, 2014


Response by poster: Ah well, I've unfollowed all those accounts. It seems likely I got phished. That's a good lesson to learn. Good that I got that lesson through Twitter, and not my bank account.
posted by Kattullus at 2:57 PM on November 16, 2014 [2 favorites]


I have a twitter account that I only have to keep people from impersonating me [I know] but it was compromised about a year ago.

Odd thing is, I only found out about it much later and there was just one tweet posted and no one was followed.

I guess I don't have as sanitary of browsing habits as I thought I did.
posted by vapidave at 5:03 PM on November 16, 2014


This happened to a friend of mine earlier this year. I'm not sure how it happened, but something that her situation had in common with yours is that it was a twitter account that she barely used. So if you keep this account, I'd recommend changing your password every few months or so in case there is some way that people are getting access to passwords.
posted by kinddieserzeit at 6:07 PM on November 16, 2014


Happened to me too - in my case, it was a lot of (mostly NY-based) rap musicians and the like, and it was on my main account (where I follow around 2k people anyway). I cleared out what I could and changed my password, because what else do you do, but I didn't find any other evidence that it'd been hacked or compromised.

Given the insane amount of self-promotion and posturing my new friends did on Twitter, I did wonder if someone was somehow selling blocks of follow to people who cared enough about such things to pay for it, but who knows...
posted by Devonian at 7:00 PM on November 16, 2014


I wouldn't be so quick to claim phishing, either. I am extra suspicious about any emails I receive with clickable links. I really don't think my account info was phished out of me.
posted by JHarris at 7:17 PM on November 16, 2014


Response by poster: Yeah, I'm extra suspicious too of strange emails, but I could see myself clicking on a fake email-from-Twitter and logging in without noticing it wasn't really Twitter. Out of all the scenarios, it seems likeliest I got duped, likelier anyway than Twitter having some kind of gaping security flaw that's been out there for years without anyone noticing other than people who boost follower numbers.
posted by Kattullus at 2:59 AM on November 17, 2014


« Older Who can tell me why my gas bill is too high?   |   Managing relationship doubts while depressed Newer »
This thread is closed to new comments.