Ever use APPs that connects to twitter? I did (in the past). I used the twitter APP itself (really bad btw) as well as the AMEX one to sync discount offers and a few others. Some I cared about but most were just sorta fun ones. Many, as you see above, say they DO NOT give access to DM or direct messaging. That was not the case for me on Saturday while sitting by the pool watching Delta jets fly by at Waikiki.
All of a sudden my wife, with her shiny new S4-mini, says, “did you send me a DM (i.e. Direct Message or PVT message) just now?” First off, why would I do that when I am right next to you but let’s see what it said.
EEEEEKKKKKKKK! I look at my twitter DM feed and DMs are pouring out to followers and thus far about 100 had already been sent out by “me”. AGGGGGG! I use the APP to change my password and the DMs still just keep pouring out. I run up to my room and jump on my PC and read about how to stop this. The Twitter directions right away say to change password & I had already done that but then it said:
“3. Revoke connections to third-party applications. While logged in, visit Apps in your settings. Revoke access for any third-party application that you don’t recognize.”
And even though all the apps that I had said, as shown above, no access to DMs, as soon as I dumped them ALL the tweets stopped going out. Phew! Time to burn an hour of sun time re-DM-ing those who got a fake tweet (about 150 now of DeltaPoints 3400+ followers) to – NOT open the last DM and sorry it was not from me.
I also took the step to have a PVT code sent to my cell phone each time I try to log into twitter so not only do I now have to use my user name and password (no it is not iluvdelta) I next must enter a number that is texted to me to get access. A real pain but for now worth the security to make sure I and followers are safe.
What to take from this. There are many tech and “free” apps that most of us just scroll down and click accept and go on; we need to understand what permissions we are giving and the risks. Not just to us, but if those places get hacked they in turn could then get access to you. Please keep this in mind as this weekend was a real eye opener for me. – René
.
Gold-Platinum-Reserve Delta SkyMiles®
Credit Cards from American Express®
Click HERE for more info
Responses are not provided or commissioned by the bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by the bank advertiser. It is not the bank advertiser's responsibility to ensure all posts and/or questions are answered.
Thanks Renee, I always wondered how safe that was. Good post.
In regards to “free apps”. I use an old and sage expression from the 70’s with my customers (they always laugh).
(edit) no one rides for free.
You go all the way to Hawaii and sit by the pool watching planes fly by? Yikes…
As much of a pain as it can be, you should turn on two factor authentication (where your phone generates a special code or you receive a text message with a code) for all the larger Internet websites – Google, Facebook, Twitter, Yahoo, Dropbox, etc. I know so many people that have been hacked that I don’t take any chances – easy trade off in my mind for the extra 10 seconds it takes to login.
René, any chance you wanna tell us what app was the hacking culprit, so we’re sure we avoid it? Thanks, – Ken
@Ken – there were about 6 I had so no way to tell the exact one so don’t want to paint the others with the same brush. The advice is sound, only use apps you MUST HAVE with twitter.