Twitters, Tweets and Identity Thieves

It seems that identity thieves have been making the rounds of the social networking sites lately. One of the latest victims was Twitter, a site that lets you add one sentence updates as you go about your day. The scam reeks of a phishing attack and uses a similar method to lure in victims.

Twitter members get a message in their private account inbox that asks them to check out a specific website and then helpfully provides a link to said site. However, the site is really just a spoofed site that looks like the Twitter login page. The thief’s hope is that you will think you got logged out and reenter your user name and password. That way he or she gains access to those two pieces of information plus anything else you’ve posted to your account. Then he or she can log in as you and try to draw personal information from your real Twitter friends.

Unfortunately, it turns out that a lot of people fall for scams like these. This is because there is an inherent trust of online “friends.” While this personal touch is what social networking sites strive for, it can be dangerous when identity thieves exploit and break that trust.

Although it is not the ideal choice for many a social butterfly, to prevent this type of scam from hurting you, you have to be discerning and protect your online privacy. Don’t accept friend requests from any old person who offers. Instead, only choose to be online buddies with people you know in real life, or at least people who are acquaintances or friends of friends – basically those who you’re sure are who they say they are. You have to always be thinking of identity theft protection.

If you get an email that sounds friendly and casual, it doesn’t automatically mean it is from a friend. Identity thieves have been using emails with subjects like “check out this website” or “boy will her boyfriend be mad” or even “I love you” for years to try to trick readers into thinking they are legitimate. Check the screen name before even reading the message to make sure it is from someone you actually know. If not, delete it.

Another thing you can do to try to stop these Web 2.0 thieves is to change your password – a lot. There’s nothing wrong with doing this each and every week. Just make sure you remember you did it or could find yourself locked out of your account and wondering why. For a more secure password, go with one that contains both letters and numbers and is not completely obvious, like your house number or birth date. Identity thieves can guess those after about two minutes of research.

Lastly, if you think you already fell for the Twitter scam, you are not alone. Some organizations say as many as one in 20 people that get phishing messages are duped. Instead of stewing about it, contact the FTC and then change your password right away. Then change it again in a week or so. Consider using TrustedID to protect your identity, with 15 points of protection including anti-keylogging software and sophisticated database scanning that alerts you to changes in your credit, it could be the one thing that saves you from a financial or emotional disaster.