
Beware of Twitter Direct Message (DM) Spam and Scams

Updated on August 19, 2012

Have you ever received a "Direct Message" in Twitter with a link in it? Stop and think twice. You might not want to click on it. The link might be spam. Or worse, it may be a phishing scam.

This is not new. These kinds of spam have been around since Twitter's inception. They are known as "Twitter Direct Message Spam" or "Twitter Direct Message Scams". Instead of "Direct Message", we often use the abbreviation "DM".

If you Google these phrases, you will find lots of articles trying to help Twitter users become aware of such frauds and annoyances. However, if you are a new Twitter user, you may not be aware of them, how they work, and what their purpose is. This article will explain all this to you in full detail. More importantly, it will show you how to spot such spam and scams so that you do not click on these nefarious links.

Twitter Direct Message (DM)

First, let's explain what a Twitter "Direct Message" is. Any Twitter user that you are following can send you a "Direct Message", or DM. If you are not following the person, they cannot send a direct message to you.

However, just because you have received a DM from say your friend, it does not necessarily mean that your friend actually sent that message to you. Your friend's Twitter account could have been hacked by spammers or compromised by a computer virus.

If the direct message that you received is some spammy link, then most likely that is the case. You should inform your friend that his/her account has been hijacked to send spam, and that he/she should change the password immediately. He/she may not even be aware. You might also want to report the spam to Twitter.

When a person sends you a direct message, Twitter will email you a notification that you have received a direct message. The email may look like this ...

Twitter Direct Message scam

This Direct Message is a Scam

In this case, this direct message is a scam. It was not sent by the person as claimed. It was sent by a spammer or a computer virus who wants you to click on the scam link. Whatever you do, DO NOT click on the link.

This is a classic example of a scam message. Note the misspelling "viddeoo" in the scam message. Whenever you see misspellings, you should become more suspicious.

There are two possibilities...

1. The spammer constructed an email that looks like a Twitter notification, hoping that you will be fooled and click on the link.

2. Someone that I am following on Twitter has been hacked. A spammer is using his/her account to send out Twitter direct messages to his/her followers.

In this case, it is the latter. The majority of cases take that form, where a Twitter account has been compromised.

The Direct Message in Twitter

I can tell that this was a direct message sent through the Twitter system, because when I log into my Twitter account and go to my Direct Messages page ...

To go to Twitter Direct Messages page

I see that same scam message within the Twitter system ...

So clearly, the message came from the account of someone that I am following. If the problem persists, consider unfollowing the Twitter account that is sending out spam. Again, if you are not following them, then they cannot send you a DM.

Now, I am sure that person is not in the habit of sending spam. That is because I do not randomly follow people. And I do not use tools to auto-follow. I vet the people I follow to see if they have worthwhile tweets before I follow them.

Why You Should Never Auto-Follow

To avoid getting too much of this Twitter DM spam, it is best not to "auto-follow". Spammers will intentionally follow you so that you auto-follow them back. Spammers want you to follow them because that is the only way they can send you a Twitter DM.

So don't auto-follow. Twitter itself does not have such a feature, but there are tools that auto-follow for you.

What Happens if You Click on the Spam Link

If you inadvertently click on a spam or scam link, any number of things can happen, depending on the spammer's intention.

At best, it will take you to some sales page and encourage you to buy something, sign up for something, or do something that will make the spammer a bit of money. Don't buy it.

At worst, the link installs some malware or virus on your computer. Always keep an updated copy of antivirus / antimalware software running on your machine.

Just as bad is when it turns out to be a phishing scam and your password or credit card number is stolen.

Or it can be anything else nefarious that spammers come up with next.

Phishing Scams

Let's talk about phishing scams. The word is like "fishing" and is pronounced that way too, but spelled with "ph".

Phishing is when a spammer attempts to acquire your username and password, or even your credit card number, by masquerading as a trustworthy, familiar site (such as Facebook or Twitter).

For example, if the message was a phishing scam, the link might take you to a site that looks exactly like Twitter. But if you look carefully at the web address (URL) in your browser, it is not the correct URL for Twitter. Always check the web address in your browser.

If you are not careful, you might think it is Twitter, and what you see is a username and password login. If you type your username and password into this fake Twitter site, then they have just stolen your username and password.

With phishing, if you clicked on the link and landed on the fake site but did not type in any username, password, or credit card number, then most likely you are safe.

Phishing is exactly one of the ways in which Twitter accounts get hacked or compromised. Once a spammer has hijacked a particular Twitter account, they can use it to send out more scam direct messages to more people. Of course, spammers may boost efficiency by using computer scripts and viruses so that they don't have to do all this by hand.

Has Your Twitter Account Been Hacked?

OMG! What if you had clicked on the scam link and had in fact entered a username and password on what you thought was Twitter or Facebook?

Stop reading this and go change your passwords immediately.

Have Spammers Been Using Your Twitter Account?

One way to see if spammers have been using your Twitter account is to check your direct messages page in Twitter. Do you see any messages that you had not composed yourself?

Here is an example where I sent a direct message to a Twitter follower...

If you expand the conversation arrow, you can see better whether this message was sent from your Twitter account or whether it was received by your Twitter account.

See how the text bubble shows that it was sent from my Twitter avatar. That means that message was sent from my Twitter account.

If you see messages sent from your Twitter account that you did not write, then for sure your account has been hijacked and is being used by spammers to send spam messages.

If you do not see any messages sent from your Twitter account, that does not necessarily mean that spammers are not using it. They could have covered up their tracks by deleting the sent messages.

Deleting DMs

See how when I hover my mouse over the side of the message, then a trash can icon appears. When I click on the trash can icon, a red button appears asking me to confirm the delete of the message.

Once deleted, it can not be undeleted. And there is no history or trace of the message.

By the way, if you received spam messages, make sure you delete them so that you do not accidentally click on the link. Delete your Twitter notification email as well.

Facebook Scams

Many people use the same password for Facebook and Twitter. So if a spammer gets your password for one, they have the password for the other.

In the scam message in our example, the link appears to go to Facebook. And it could very well be a fake Facebook with a login page phishing for my username and password.

Another possibility is that it could be the real Facebook site. Because Facebook allows API access, Facebook apps and such, spammers can get really creative. So any number of things can still trick you even if the link goes to the real Facebook site.

For example, the Twitter link may be a link to a profile page on the real Facebook, which then redirects you to a fake Facebook-like page that carries out the phishing scam. Or the link to Facebook may run a script that posts things on your Facebook wall -- provided that you are already logged into Facebook.

It might be a good idea to log out of Facebook (or Twitter for that matter) whenever you are not using it. That way if a link takes you to Facebook in an attempt to run some script, it can not affect your Facebook account if you are logged out.

Or it could be any of the Top 10 Facebook scams. Or anything else. Just be careful.

Twitter Apps Can Also Send Out Spam

Twitter Apps can also send out Twitter DM spam. Twitter Apps are applications that you allow to control your Twitter account (including sending out Tweets).

You can see a list of applications and what permissions they have over your Twitter account by going into Twitter settings -> Apps. You can then revoke access of these apps.

What are some scammy messages?

Scammers use different messages to entice you to click on the link. The message is designed to arouse your curiosity. But they tend to follow certain themes.

Some of the messages might take these forms ...

  • what are you doing in this video
  • somebody is saying horrible things about you
  • you are in this video
  • found you in this funny picture
  • is this you in this picture?
  • check this out... it's a funny blog post. you're mentioned in it
  • you didn't see them taping you
  • you seen what this person is saying about you
  • are you aware of some bad rumors someone is making
  • bad blog going around about you
  • someone posting pic of you all over twitter
  • you have to check this out

and so on ...
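The warning signs described in this article (the lure themes listed above, stretched misspellings such as "viddeoo", and a link whose address is not really Twitter or Facebook) can be combined into a small triage check. This is an added example, not part of the original article; the function names, the keyword patterns and the `.example` sample links are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Sites the article names as being impersonated.
GENUINE = {"twitter": "twitter.com", "facebook": "facebook.com"}

# Lure themes from the article's list, reduced to keyword patterns (constructed).
LURES = [re.compile(p) for p in (
    r"in this (\w+ )?(video|picture|pic)\b",
    r"\b(saying|going around)\b.*\babout you\b",
    r"\bbad (rumors?|blog)\b",
    r"\bpic of you\b",
    r"\btaping you\b",
    r"\bcheck this out\b",
)]
URL_RE = re.compile(r"https?://\S+", re.I)


def link_host(url):
    """Host the browser would actually contact (a user@ prefix is ignored)."""
    try:
        return (urlsplit(url).hostname or "").rstrip(".")
    except ValueError:
        return ""


def impersonates(host):
    """True if the host uses a brand name but is not that brand's domain."""
    return any(
        brand in host and host != domain and not host.endswith("." + domain)
        for brand, domain in GENUINE.items()
    )


def triage_dm(text):
    """Return the reasons a DM deserves suspicion (empty list = none found)."""
    reasons = []
    hosts = [link_host(u) for u in URL_RE.findall(text)]
    # Collapse repeated letters so "viddeoo" is compared as "video".
    squeezed = re.sub(r"([a-z])\1+", r"\1", text.lower())
    if hosts and any(p.search(squeezed) for p in LURES):
        # A genuine host does not clear the message: the article notes that
        # even a link to the real Facebook site can be abused.
        reasons.append("lure phrase with link")
    if any(impersonates(h) for h in hosts):
        reasons.append("lookalike host")
    return reasons
```

An empty result only means none of these particular signs were found; a message from a hijacked account can still carry a link worded in a way the patterns do not cover.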

And here are more articles about Twitter spam as reported by other websites...
