Twitter introducing new direct message options - to combat spam or invite more?

Filed Under: Featured, Privacy, Spam, Twitter

TwitterNews has been spreading that Twitter is slowly introducing changes to how it handles direct messages (DMs) and controlling the types of links that can be sent through DMs from non-verified accounts.

These changes could have far-reaching implications for Twitter users' security and privacy.

My first thought when reading this news was "Wow, what an odd way of admitting defeat in the fight against spam."

Twitter has not rolled out these changes to all users, but it would appear that links in DMs to URLs other than Facebook, Twitter and Instagram will be blocked.

I might strongly recommend against clicking links in email, but Google, Yahoo!, Microsoft and AOL don't remove links from email messages.

A frighteningly high number of blogs might be compromised by cybercriminals, but I wouldn't suggest Chrome, Firefox, Safari and Internet Explorer render links unclickable.

Restricting the ability to send private links rather than filtering out spammy or malicious ones could discourage users from sharing content on Twitter rather than other private messaging services like SMS, Facebook Chat or MSN Messenger.

I wouldn't normally object to policy changes that could prevent users from being exposed to unwanted messages or malicious content, but this seems to be an extreme response to a largely solvable problem.

The second change appears to be the ability for users to receive direct messages from users they do not themselves follow. This is being rolled out slowly though a new account setting.

This might be particularly useful for organizations that provide customer service and technical support via Twitter and want to have private communications with customers without already having had to follow those users.

At the time of this writing, none of these changes are available on my accounts, but some are writing about the changes being implemented on their accounts.

This is likely a very bad idea for regular everyday Twitter users though. It is a bit of a blanket invitation for unwanted solicitations.

SkypePrivacy170Other services that allow for private messaging have had to implement the blocking of unsolicited messages. If Twitter changes this option to be the new default it will likely end in tears.

Bottom line? Nothing earth shattering.

Check your Twitter settings and be sure "Receive direct messages from any follower" is unchecked once it is available in your profile.

If Twitter blocks you from sending links to your friends through DMs, use another medium. It isn't really such a bad thing to avoid clicking shortened links when you don't really know where they might lead you anyhow.

Look on the bright side, at least they aren't trying to use your profile to promote products or removing privacy choices.

, , , , ,

You might like

8 Responses to Twitter introducing new direct message options - to combat spam or invite more?

  1. I would be surprised if it was Twitter's intention to block links being included in private DMs to sites which weren't in the holy trinity of Twitter/Facebook/Instagram.

    Like you said, it would rather be admitting defeat and something of a sledgehammer to crack the "acai berry diet" nut. And isn't Twitter largely all about about sharing links to interesting sites and news anyway?

    Unless we see an official announcement about this, I think I would assume that it's a flaw in their message filtering system.

    I agree with you on the DM thing - although enabling the option of allowing strangers to DM you might be attractive to support teams and corporate brands, I can only imagine it will open the spam floodgates for regular users.

  2. Opayq · 320 days ago

    "It isn't really such a bad thing to avoid clicking shortened links when you don't really know where they might lead you anyhow."

    But of course Twitter with its character limit is one of the major drivers towards the use of shortened links!

    When will there be a good browser add-in that will "de-shorten" these links - anonymously, without linking your browser and its history to the potentially spammy website?

    • daniellynet · 319 days ago

      "When will there be a good browser add-in that will "de-shorten" these links - anonymously, without linking your browser and its history to the potentially spammy website?"

      I do believe there are addons that do that for you.

  3. Magyver · 319 days ago

    Chester, I'm assuming that isn't the real twitter profile graphic? We don't call messages calls, and we have no "chats".

    Also, a primary use of DM's in twitter is to swap email accounts. Well those be blocked because of the ".com" ending?

    Please advise, and thanks.

    • Chester Wisniewski · 319 days ago

      The screenshot is an example from Skype showing that they had to implement the option of not receiving anonymous private messages because of the quantity of abuse. Sorry for any confusion. I don't imagine this would impact email addresses being sent.

      cw

  4. 2753 Productions · 319 days ago

    I honestly don't have a problem with them doing this. Mainly because I have received literally HUNDREDS of DM's from various followers containing malicious links from other Twitter users who were too stupid NOT to click those malicious links in the first place and thus became compromised themselves - spreading the malicious links themselves. If someone is doing honest work with another Twitter user and 'needs' to have a link in a DM, then they can always do the ol' tried and true domain(dot)com trick. It works and keeps everyone safe and happy.

    I mean come on people! If you receive a DM from someone you barely know with "OMG is this you!? (link)" in it are you seriously dumb enough to CLICK on that link?

  5. "Twitter has not rolled out these changes to all users, but it would appear that links in DMs to URLs other than Facebook, Twitter and Instagram will be blocked." this is incorrect, I have the option enabled and just spammed myself with various links from other accounts, it doesn't block anything

    • Chester Wisniewski · 319 days ago

      Thanks for trying this. I was working off of other media reports. So you don't follow any of these other accounts? Do they all have the feature enabled?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on App.net as Chester, Chester Wisniewski on Google Plus or send him an email at chesterw@sophos.com.