What do I do if my Twitter account is hacked?

Filed Under: Featured, Social networks, Twitter

Twitter account is deadMany Naked Security readers email our tips email account every day asking for help when their online accounts are compromised.

I thought it might be a good idea to provide a step-by-step guide to recover from some common attacks people fall victim to, beginning with Twitter.

There are two primary methods for your Twitter account to become compromised. Either you authorized a malicious application to connect to your account, or your password was guessed/stolen.

The first thing to do as soon as you notice a problem is to scan your system with an up to date anti-virus product to be sure your machine isn't infected and doesn't have a keylogger installed.

Next you need to set a new password. As always we recommend selecting a strong password that is unique for each website.

If mixing numbers, letters, punctuation and case is too complicated (because you aren't using a password manager) then the most important thing to remember is that size *does* matter. Going long is better than something short with a number on the end.

Then you should review the applications you have granted access to your Twitter account. To view the list log in to Twitter, select your account in the upper-right corner and choose settings, then click on the Applications tab.

You'll notice this account has a rogue application installed, Your Profile Views, that has already been suspended by Twitter.

You could just revoke access to any applications you don't trust, but I recommend starting over and revoking all of them. You can simply reauthorize any applications you are actually using as you need them.

The last step is to tweet out an apology to your friends and be sure to alert the Twitter team by sending a message to @safety.

Twitter @safety account

To stay aware of the latest scams and warnings, it is a good idea to follow @safety as well as @NakedSecurity, and even @spam if you wish to stay abreast of the latest spammer activity.

Often corporate accounts can fall victim to hackers, most often from insecure choice of passwords and the need for multiple people to be able to tweet from the accounts to maintain 24/7 coverage.

There are some great solutions that can help you ensure the shared account has a good password without needing to share it.

Services like GroupTweet and HootSuite allow you to delegate tweeting to other user accounts and even moderate tweets before they are posted (in the paid versions).

This won't prevent your employees from choosing a poor password for their own account, but with the moderation feature you can prevent any damage to your brand by accepting a bit of management overhead.

Naked Security reader @PeterVogel pointed out that hackers will often change the password on your Twitter account, locking you out from performing the above steps.

If your password has been changed you can use the Twitter password reset form, or if that doesn't work you can contact Twitter support.

I hope this is helpful to those of you who need to recover your Twitter accounts and for those of us who have to help bail out our friends when they are in trouble.

I will continue to update this article with any additional insights posted in the comments and keep it as a living post.

, , ,

You might like

7 Responses to What do I do if my Twitter account is hacked?

  1. Matt Krickel · 1347 days ago

    On iOS mobile devices you find the authorized applications here:
    start Prefrences, switch to Twitter-preferences. Your authorized apps are listed on the bottom of the prefs screen.

  2. Stuart · 1345 days ago

    This does assume that whoever hacked your account didn't change your password and email address. If they did, then recovering the account is a bit more difficult than described in this article.

  3. geoffscontacts · 1345 days ago

    I was told that when resetting your password you should do so from a different machine from the one on which the problem first occurred - just in case the key logger is still active and your new password is intercepted.


    • Chester Wisniewski · 1345 days ago

      That is why the first step is to clean your machine. If you are not confident that your machine is malware free you might be better off to backup your data and reinstall. If you change your password from another computer and then plan on using the first one again you will have the same problem.

      Malware can be hard to clean up, so if you are in doubt, rebuild.

  4. Robert · 1345 days ago

    If the email account associated with your Twitter account for communication has been
    changed by the hacker, it will be very difficult to retrieve your Twitter account password
    reset and regain control of your Twitter or even other online accounts.

    • Chester Wisniewski · 1345 days ago

      That is true Robert. Your only real option at that point is to contact Twitter support at the URL referenced above.

  5. Mary Jo Manzanares · 1044 days ago

    I have had someone take control of my Twitter account (I can no longer get access). I've filed numerous support claims to Twitter as well as tried to reach them via Twitter through another account. It's been a week and there has been NO response.

    Just starting another account doesn't seem practical when it's my name and someone has been using it.

    Any ideas on how to get resolution at this point?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on App.net as Chester, Chester Wisniewski on Google Plus or send him an email at chesterw@sophos.com.