What to do when you see a hijacked account alert

You’ve probably seen one of these kinds of messages before:

Here is a list of all the most recent #Alerts about hijacked accounts. So, what happened? Why are these tweets being sent out? What should you do?

Someone you follow had their account hijacked

When you receive one of these tweets or DMs, it is from a hijacked account. This is NOT regular spam. You should let the person know they have been hijacked, and that their account is sending out messages without their knowledge.

Send them a tweet like this:

Your account may have been hijacked. Check to see if it is sending messages you didn’t write, and read http://bit.ly/YouWereHijacked

For more information, read “Is your follower a spammer…or a hijacked account?”

How the latest hijackings work

While there are many ways Twitter hijackers and spammers can try to fool you, currently, in July-November 2011, the main method the hijackers are using is this: When you click the link, you are taken to what appears to be a Twitter login page, but is not.

If you enter your password on one of these fake login pages, the hijacker will take over your account. The first thing they usually do is to begin sending out spam tweets or DMs from your Twitter account, trying to hijack other accounts. Tens of thousands of accounts have likely been hijacked.

What to watch out for

You must read the URL in your browser before logging into Twitter.com. There are many variations of fake URLs such as “tvviter.com” or “ltwitter/twitter-login” and many more.

Do not be fooled by a page that looks exactly like Twitter.com. The page will look normal, except for the URL. If it doesn’t say //Twitter.com at the beginning of the URL, it is NOT Twitter.com! While your browser will make the top of the page look slightly different from mine (you may have icons and bookmarks or favorites, for example), the URL is what counts.

Here are the only two kinds of pages that are real. Look closely at the URL. Both have //twitter.com at the beginning:

If you were logged into Twitter.com, and suddenly find yourself logged out, watch out! You are probably still logged in and have just reached a fake phishing page trying to steal your password.
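
The URL check described above can also be done by a script or link-preview tool. The following is an added example, not code from this site or from Twitter: it parses a link and accepts it only when the host is exactly twitter.com, which goes a little further than reading the start of the URL because it also rejects addresses that merely begin with that text. The function name, the allow-list and the sample links are assumptions made up for the illustration.

```javascript
// Added example: decide whether a link really points at twitter.com.
// TRUSTED_HOSTS, classifyLoginUrl and SAMPLE_LINKS are hypothetical names.
const TRUSTED_HOSTS = new Set(["twitter.com"]);

function classifyLoginUrl(link) {
  let url;
  try {
    url = new URL(link); // WHATWG URL parser (browsers and Node.js)
  } catch (err) {
    return { trusted: false, reason: "not a parseable absolute URL" };
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    return { trusted: false, reason: "unexpected scheme " + url.protocol };
  }
  // Anything before "@" is a username, not the site being visited.
  if (url.username || url.password) {
    return { trusted: false, reason: "text before @ hides the real host " + url.hostname };
  }
  // Compare the whole host name, lower-cased, without a trailing dot.
  const host = url.hostname.toLowerCase().replace(/\.$/, "");
  if (!TRUSTED_HOSTS.has(host)) {
    return { trusted: false, reason: "host is " + host + ", not twitter.com" };
  }
  return { trusted: true, reason: "host is exactly " + host };
}

// Constructed sample links; only "tvviter.com" comes from the article.
const SAMPLE_LINKS = [
  "https://twitter.com/login",
  "HTTP://Twitter.com/",
  "http://tvviter.com/login",
  "http://twitter.com.login.example/session",
  "http://twitter.com@login.example/",
  "twitter.com/login",
];

for (const link of SAMPLE_LINKS) {
  const verdict = classifyLoginUrl(link);
  console.log((verdict.trusted ? "OK      " : "REJECT  ") + link + "  (" + verdict.reason + ")");
}
```
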

How does TweetSmarter know which tweets are from hijacked accounts?



