Showing posts with label hacked account. Show all posts

Tuesday, 15 October 2013

Why Does Twitter Think My Account Has Been Hacked?

I got a nasty shock the other day.  I logged into Hootsuite and, instead of the normal streams of tweets and messages, I saw a pink message saying "The supplied Twitter network credentials are not valid. If you have changed your Twitter password recently, you may need to update it in HootSuite."  What was really worrying was that it appeared on three of my four accounts.

Last time I saw a pink message on Twitter it was because my account had been suspended, so I immediately assumed that this was what had happened.  I clicked on the 'update' link in the pink message and was taken to Twitter where I requested a password update.  I was told that an email was being sent to the gmail account I use for Twitter information.

When I logged into gmail, I found three emails from Twitter, sent the previous day, each relating to one of my accounts and saying "Twitter believes that your account may have been compromised by a website or service not associated with Twitter. We've reset your password to prevent others from accessing your account. You'll need to create a new password for your Twitter account"

OK, panic over.  I hadn't done anything wrong.  I reset the passwords for the three accounts, making sure that I used lower and upper case letters, plus numbers and permitted symbols.  Twitter told me that all three passwords were very strong.

And that should have been that.  But it wasn't.  The original notifications (and resetting) had happened on October 8th.  On the 9th, one of the passwords was reset again.  A second was reset again on the 11th.  And the third was reset again on the 12th. 

According to Twitter's help page, signs of an account having been hacked are:
  • unexpected Tweets by your account
  • unintended direct messages (DMs) sent from your account
  • other account behaviors you didn't make or approve (like following, unfollowing, or blocking)
  • Receiving a notification from us stating that "You recently changed the email address associated with your Twitter account." (even though you haven't changed your email address)

None of these had happened on any of these accounts.  So what on earth was going on?  I tried to find some information on the help pages, but when I entered "account reset", I got nothing relevant.  So yesterday I sent this tweet: "@Support You keep resetting my password but I'm using very strong passwords & there's no sign of my account being hacked. What's going on?"

As yet, I've not had a reply.  I'm hoping that's because they're investigating it and that I will receive an answer in due course.  Have you had something like this happen to your Twitter account?  And were you able to resolve it?

Saturday, 23 March 2013

If Your Traffic Has Dropped Off, Try Changing Your Password!

It's a while since I wrote anything here, thanks to pressure of work followed by a week away (very pleasant) and then a nasty virus (not so pleasant!).  However, something has happened in the past couple of weeks that may possibly be relevant to other people, so I thought I'd share it.

I do a fair amount of my list building through Twitter.  Anyone who follows me receives a direct message to say thank you and giving a link which will give access to some free ebooks and allow them to sign up for my weekly newsletter.

Over the past two weeks or so I have noticed that the sign ups I've been getting via Twitter have been considerably reduced from their normal level.  And, at the same time (and obviously related) I have acquired far fewer new followers than I would normally expect.  I had no idea what could be causing this until someone sent me a tweet to tell me that he'd received a spammy direct message from me and suggesting I check my apps and change my password.

I immediately followed his suggestions - and now, after a couple of days, the numbers of new followers and sign-ups to my mailing list seem to be returning to their previous levels.  It had been two months since I'd changed my passwords and I think that in future I'll be changing them more frequently.  But I always thought I'd know if someone was sending spam from my account because on my Hootsuite dashboard I have a stream showing my outgoing direct messages.  However, nothing appeared there, so it seems that there's no way of knowing that this has happened unless someone is kind enough to tell you.


Thursday, 3 January 2013

Is Twitter out of touch with its users?

Like many people on Twitter, I have more than one account in order to keep my various interests separate.  I wrote on here, not long ago, about having one account suspended and being unable to determine exactly what the rules of Twitter are.

Just before Christmas, I discovered, when I tried to access it, that another account had been suspended.  This time it wasn't just a question of ticking boxes to say that I'd be good.  I had to make contact with the 'support' desk.  It seemed a good opportunity to ask questions.

I received a form email which said "If your account was suspended for aggressive following behavior, you should have received an email notification to the address associated with your Twitter account"  (which I hadn't) and it continued "You'll need to confirm that you've removed all prohibited following automation from your account, and will stop any manual aggressive following behavior."

I replied, saying that, as far as I was aware, I had remained within the rules of Twitter.  I pointed out that the Twitter guideline of  "if you don’t follow or un-follow hundreds of users in a single day, and you aren’t using automated methods of following users, you should be fine" was very vague.   And I noted that, since the beginning of December I had unfollowed an average of 31 people a day and followed an average of just under 60 a day - not hundreds.  Finally I asked for some concrete advice on  the numbers that are acceptable.

The email I received in reply to this was, again, a form letter telling me that as I'd agreed not to follow aggressively in future, my account would be reinstated.  There was no reference to my request for advice or, indeed, to anything that I'd said in the letter.  I was left wondering whether anyone had read it.

I tried again to contact Twitter and get an answer but all I got was yet another form letter telling me that this particular correspondence had been closed.  And it was then that I realised how well-nigh impossible it is to contact Twitter.  Many of the links in the 'contact us' section lead only to pages with generalised answers in particular areas.  There are very few questions that one can actually ask Twitter direct . . . and "how many people is it OK to follow at any one time?" is not among them.

I was annoyed . . . but at least I'd got my account back.  But when I actually accessed that account again, I was furious.  Because I realised that the reason I'd been suspended was because I'd been hacked.  Only direct messages sent after the account had been reinstated were accessible but, among these, there were well over 200 saying 'thank you for following'.  Now, normally, I can expect perhaps ten or twenty per cent of those I follow to send me a direct message.  So how many must have been followed in this account's name for there to be over 200 - not counting, of course, those that came in before the account was suspended?

So I had been suspended because someone had hacked into my account.  But why did Twitter not query the fact that someone who'd been going along quietly for the best part of a year following 150 or 200 every two or three days, suddenly seemed to have followed perhaps 2000 on one day?  Did it occur to no one that it was out of character?  Or is everything that happens at Twitter automated?  The 'support' emails that I received certainly seem to suggest it.

And, of course, this leads me to wonder why everything is automated and why there is so little genuine support.  Could it be because Twitter is free?  Well, personally, I'd be happy to pay a small amount each year (and with the number of people on Twitter, it wouldn't have to be more than a few dollars) if they'd supply a decent support service.  I'm really angry that I can't email someone to say "I didn't transgress the rules . . . you punished me because my account was hacked".

I'm thinking of writing a letter to Twitter by snail mail  . . . there is an address provided.  Meanwhile I have changed all my passwords and am keeping my fingers crossed that this doesn't happen again.

Monday, 18 June 2012

All in a Twitter about Direct Messages?

I have a suspicion that a lot of people on Twitter don't bother to look at their direct messages (those private messages that you can send to anyone who is following you)  because a lot of them are simply of the 'thank you for following' variety.  But there are also two other types of direct message that frequently appear.

The first of these is the message which tells you that the sender "uses TrueTwit validation service" and asks you to click on a link to validate.  When you do so, it brings you to a page with a 'captcha' phrase that you have to type in, and you are then thanked for validating.  If you investigate further, you will find that TrueTwit  has been designed to help distinguish real people from robots, avoid Twitter spam and save time managing your followers.  So I've been religiously clicking on any validation links that I'm sent in order to assure the person who I've recently followed that I am, indeed, a real person.

I've been assuming that TrueTwit acts as a screening process and that, if I didn't validate, I would automatically lose the chance of being followed by the person concerned.  But I've now been told that if I don't respond to  a validation request, I can still keep following that person and they can still follow me.  So am I wasting my time typing in those 'captcha' phrases?  Possibly the only way to find out is to stop responding for a while and see whether the rate at which I get more followers decreases.

I don't personally know anyone who uses TrueTwit.  So if you use it and have found it helpful (or, conversely, have found it of little use) please tell me about it in the comment box.

I said earlier that there are two types of direct message that keep recurring.  The second of these, which also contains a clickable link, is of the "this user is saying horrible things about you..." variety.  They occur so often that I doubt whether many people are taken in by them.  On the other hand, there is a temptation to click, just to see what the link leads to.  Is this some strange way of selling something . . . and, if so, what?  

However, according to Ian Hardacre, the links in these direct messages - and also those with variations on the "This made me laugh so hard when i saw this about you" variety - are all virus-related.  His interesting blog post contains a long list of such messages all of which, he says, are indications that the account from which the message purports to come has probably been hacked and that its owner needs to change his or her password.

And this, of course, leads on to two possible courses of action.  Should we send a message to everyone from whom we receive one of these messages, suggesting that they change their password?  Well, perhaps.  It could be time consuming but might bring us a few followers, grateful for the information.  

And, secondly, should we also check our own Twitter accounts to make sure that they've not been hacked?  This, I would say, is a no-brainer.  It's easy to do if we have more than one account because we can send a direct message from one to the other.  Otherwise, we could ask a friend to check on a direct message we send to them.  It shouldn't take more than a minute or two and it could prevent the direct messages that we really want to get through to our followers from being hijacked.

Finally, of course, this is a reminder to change our passwords regularly.  Yes, it's a bore but with hackers and viruses getting more sophisticated by the minute, it seems a sensible thing to do.