2013 might just be the year of the Twitter hack.
Back in February,
Burger King and Jeep both endured hacks of their accounts. Last week, the Associated Press Twitter account
falsely reported a bombing at the White House after hackers gained control. Tuesday, The Guardian's Twitter account was also reported hacked, though no rogue tweets went out.
In response to the hoopla, Twitter issued a warning to news organizations, which Buzzfeed then published: "We believe that
these attacks will continue, and that news and media organizations will continue to be high value targets to hackers," the memo stated.
Considering the hacks of Burger King and Jeep, non-media brands are almost certainly in the crosshairs, too.
In its memo, Twitter offered tips for preventing hackers from accessing a brand or media account. The company is
implementing two-factor authentication, but it's offering a few simple solutions in the meantime. Here are the key tips Twitter suggested, along with helpful advice from other sources.
1. Change your password regularly.
"Password hacking has become sophisticated to the point where passwords like 'love' or 'guest123' might as well be welcome mats to hackers," attorney Brett
Snider wrote on the FindLaw blog. He and Twitter both
suggest using random password generators and passwords that are at least 20 characters long.
2. Don't share passwords via email.
According to AP reporter Mike Baker, the hack of its account came "less than an
hour after some of us received an impressively disguised phishing email."
3. Limit access to your account.
Writing at socialtalent.co, Holly Fawcett suggests having fewer than five people in the company
who know the Twitter password. "I'd also advise you to draw these account managers into some sort of loss-prevention document where they are made
painfully, and plainly, aware of the seriousness with which they guard the vaults," she wrote.
4. Be careful with mobile devices.
Smartphones are easily lost or stolen, and if you're logged in to a corporate Twitter account on your phone, a thief could easily tweet away as you. "Once
it falls into the wrong hands, the last thing you're thinking of is your Twitter account," Fawcett writes. "Don't trust yourself to keep a smartphone
guarded with pre-programmed passwords for your corporate Twitter accounts inside it."
5. Be careful about logging in.
If you aren't using a third-party Twitter client, be sure you've accurately typed in the Twitter.com URL before putting in your username and password.
"Twitter recommends that you always check that you're at Twitter.com before you log in to prevent possible phishing," Snider wrote. Likewise, don't let
browsers save your password.
6. Review your authorized apps.
When you agree to give a third-party app access to your Twitter feed to retweet directly from a website, share social info or make other connections-you're
agreeing to give that app a degree of access to your account. If you have apps that you're not using or that you don't recognize, get rid of them, Twitter
7. Know what you're clicking.
"Don't click on links from Twitter accounts you aren't familiar with," Snider writers "These links can contain malicious software that will silently
download themselves onto your device and make your account vulnerable to hackers."
8. Make sure your accounts are official with Twitter.
Twitter keeps tabs on bigger, official brand accounts. "Please send us a complete list of all accounts affiliated with your organization, so that we can
help keep them protected," Twitter's memo stated.
9. Create a plan and use it.
Twitter's memo recommends building a crisis plan specifically for hacks and using it when you suspect there could be a problem. For example, if you get a
suspicious phishing email, change the password.
10. Keep an eye on your account.
In a post about avoiding Twitter hacks not long after the Fox News account was compromised, Ethan Klapper at the 10,000 words blog
said knowing you've been
hacked as soon as it happens can greatly reduce damage. "The sooner you are able to spring into action in your response to an account that has been
compromised, the less damage that can be done," he wrote.
Matt Wilson is a staff writer for Ragan.com.
(Image via & via)