How the mighty fell yesterday… if only for a few hours. US Presidential hopeful Joe Biden, eccentric tech heavyweight Elon Musk, God-complex rapper Kanye West and his reality star wife Kim and the world’s richest man (Amazon CEO) Jeff Bezos and other widely followed celebrities were targetted in a high profile hacking spree. They lost control of their Twitter accounts to a group of hackers, who posed as the celebs and asked followers to send bitcoin money to various addresses. In a matter of hours, they siphoned $120,000 (roughly Rs. 84 lakhs). Worse, experts say the bitcoin fraud could be a distraction for a more serious attack on the direct messages of the celebs.
Twitter Support released this thread on the investigation surrounding the hack:
Our investigation is still ongoing but here’s what we know so far:
The hackers had an insider to pull off the fraud, so there’s no guarantee anyone will be safe. Nevertheless, here are tips for Twitter users to tightly secure your account from running off the rails.
1. Report suspicious accounts
Is someone trolling you incessantly? Do you get direct messages that border on offensive? Twitter allows users to report abusive accounts, so that the platform can take necessary action. However, it doesn’t have a perfect score in this regard; offensive accounts aren’t always banned. They get a temporary suspension at times, or may not be pulled up at all! To report an abusive Twitter account, click the three-dot icon on the troll’s profile page and select “Report”. For singular tweets, open the drop-down menu on the tweet in question and click on “Report tweet”. Give details about the reasons for finding the tweet offensive.
2. Use the quality filter
Did you know that Twitter has a feature called quality filter that protects your eyes from low-quality tweets and images? You are saved from being spammed with bot-generated tweets, duplicates and such in your feed. The quality filter saves you the hassle of muting accounts and clickbait words. To turn on the feature, go to “Notifications” via “privacy and safety” under the “settings” tab. There are Advanced Filters for muting notifications from accounts created for the purpose of spamming and fake likes. You can mute notifications from users who you don’t follow or whose email and phone numbers aren’t verified.
3. Enable two-step verification
You have spent the better part of a day to come up with a strong hack-proof password. It’s not enough. We suggest opting for two-step authentication plus added verification for resetting password (so no one else can change it or lock you out of your own account). The second step can be set to either a text message, security key or another app. Once this feature is activated, you will be logging in only after entering your password as well as the login code through text or app.
4. Don’t share your location
Cybersecurity is no joke. Tweeting with your location data sounds fun for the extroverts who want to tell the world where they go and possibly connect with friends there. However, the road to social media hell is paved with good-intentioned features. Broadcasting your whereabouts live could leave you open not only to cyber attacks but also to unwanted attention in the real world. Twitter lets you deactivate the feature and thankfully delete location history of previous tweets. Uncheck the “Location information” tab under Privacy and Safety. On your phone, go to “Precise location” and turn it off.
5. Switch off DMs
Apart from public (and private) tweets, Instagram and Twitter allow users to exchange private Direct Messages. DMs at odd hours are peace-breakers and hell-raisers to the core. Worse, if they come from unknown accounts you don’t follow. If you’re wondering how that happened, anyone you don’t follow can definitely send you a DM if you have opted to “Receive Direct Messages from anyone” or have DMed that account previously. The rule applies to groups as well. Undo this by unchecking the option to receive messages from anyone. Foolproof your safety by switching off “Show read receipts” which would otherwise inform the user that you’ve read his/ her message.
There are other tips for Twitter users to be more secure, like controlled photo tagging, tweeting privately and turning off personalization and data. The foolproof way, of course, is to spend less time on social media.