Hacked and Hijacked! What's Next When Your Facebook/Twitter Is Hacked
Symptom: Maybe your Twitter or Facebook friends have been viciously spammed with fake offers for a free iPad, or with a link to a fake app, all coming from your profile. Or maybe you've discovered posts on your profile that you never wrote, often with links leading to websites, apps or coupons. You may find personal messages sent to friends that you didn't write, perhaps asking them to wire money. Or, worst case, you may be unable to log into your account at all.
Diagnosis: Social networking sites have become immensely popular stops online, and thus the destinations du jour for criminals and black-hat hackers looking to make a buck the easy way. After all, a user's Facebook account is a storehouse of personal and private information, and its very structure, built expressly for spreading data quickly and broadly through a web of connections, couldn't be better designed for quick-hit schemers. Typical users are happy to click on a link, visit a site or try out an app that they believe has been vetted by a trusted friend. In a certain sense, Facebook may be the most successful virus disseminator ever created.
An infiltrated Facebook or Twitter account is unnerving for sure, but for most people it's just a nuisance. If you're lucky, your account was commandeered by someone who simply guessed your password (or reused one leaked from another site) and changed nothing else. If so, regaining control may be as simple as logging in and setting a new password.
If you're not so lucky, a criminal has cracked your password, taken control of your account, and altered your settings, the recovery e-mail address for instance, enough to make regaining control an arduous affair. Among other things, the hacker may intend to use your account to spread malware, turning you into a virtual Typhoid Mary as more of your friends are suckered in (and then their friends). If you've populated your account with a lot of private data or connected it to other applications, it may also be used to infiltrate other parts of your life.
The worst-case scenario is that your hacked social network account is only a symptom of a larger issue: you may have malware on your PC that has harvested your passwords for every online site and service you use. Then not only your social networking accounts are in peril, but your banking and financial sites, your e-mail, and potentially more. Curing an infected PC may be just as hard as regaining control of your online persona, but it's definitely the first step to take. If you change passwords while your PC is still infected, a keylogger or password stealer will simply capture the new ones and forward them to whoever installed it, and you're back where you started. Before attempting to fix anything on your social networks, update and run anti-virus software and make sure your system comes up clean. See "What to do if Your PC Gets Compromised" for a complete rundown of the steps you'll need to take.
Causes: Facebook and Twitter are deeply interconnected, not only with each other but with "partner" sites that keep you logged in as you roam the Web. Facebook Connect is quickly becoming ubiquitous, so a single stolen password or session now opens many doors, and there are simply more points of entry for sticky fingers to snatch sensitive information.
The other big issue is that, where Facebook is concerned, Mark Zuckerberg only gives a rat's patootie about privacy and security to the degree that he needs to. The company was founded on making the private public, and its founder has demonstrated time and again his fundamental ignorance of the fact that security and privacy are interrelated.
As you well know, some websites deliberately host malicious software. If you're still logged into Facebook when you land on such a site, it can abuse your existing session (your browser attaches your login cookie to requests the page triggers, which is what clickjacking and forged-request tricks rely on) to harvest your information, post a link to your profile, and send messages to all your friends, so that they are drawn in as well.
You may have clicked a bogus link on someone else's profile or in a tweet that led to an official-looking page asking for your login before it would show you the funny video, photo or app you were expecting. The page was a fake, and you have just handed a stranger the password to your account.
Similarly, you may be duped by an e-mail that seems to come from a social networking administrator asking you to confirm your details or update your account, with a convenient link to log in. Clicking it takes you to a spoofed site that asks you to log in first, and then steals your credentials. Starting to sound familiar?
If you've logged into Facebook or Twitter over public Wi-Fi, anyone on the same network can capture the session cookie your browser sends with every unencrypted (http://) request, using free software such as Firesheep (which was released to shame those companies into encrypting whole sessions rather than just the login page) or similar tools. With that cookie the eavesdropper doesn't need your password at all: the site simply treats their browser as yours until the session is ended.
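To make the Firesheep point concrete, here is an added example (not code from the original article, and not Firesheep's own code) that shows the two halves of a sidejacking attack on constructed traffic: harvesting session cookies from plaintext HTTP requests seen on an open network, and replaying them in a request the site will attribute to the victim. All host names, cookie names and values are made up for illustration; the `exposed_over_http` helper applies standard cookie semantics (a cookie without the Secure attribute is sent over plain http) to explain why the "always use https" settings discussed under Treatment matter.

```python
"""Sidejacking, the attack Firesheep automated: on an open Wi-Fi network the
plaintext HTTP requests of every other user are visible, and the session
cookie inside one request is all the site needs to treat its holder as that
user. No password is involved, which is why changing your password alone
does not end a hijacked session.

Added example; all traffic, host names and cookie names below are constructed
for illustration and do not describe any real site's cookies."""

# Two constructed captures as they would cross an open network. The first
# carries a session cookie in the clear; the second is an unauthenticated page.
CAPTURED_REQUESTS = [
    "GET /home HTTP/1.1\r\n"
    "Host: www.social.example\r\n"
    "User-Agent: Mozilla/5.0\r\n"
    "Cookie: locale=en_US; sessionid=7d1c0b3f9a2e4c58; remember_token=a1b2c3\r\n"
    "\r\n",
    "GET /about HTTP/1.1\r\n"
    "Host: www.social.example\r\n"
    "Cookie: locale=en_US\r\n"
    "\r\n",
]

# Cookie names that usually carry authentication state. This is a heuristic of
# the kind a sidejacking tool uses; real names are site-specific (assumption).
SESSION_NAME_HINTS = ("sess", "sid", "auth", "token")


def parse_request(raw):
    """Split a raw HTTP/1.1 request into method, path, host and a cookie dict."""
    head, _, _ = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    method, path, _ = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    cookies = {}
    for pair in headers.get("cookie", "").split(";"):
        name, sep, value = pair.strip().partition("=")
        if sep:
            cookies[name] = value
    return {"method": method, "path": path,
            "host": headers.get("host", ""), "cookies": cookies}


def session_cookies(cookies):
    """Keep only the cookies whose names look like they carry a login session."""
    return {n: v for n, v in cookies.items()
            if any(h in n.lower() for h in SESSION_NAME_HINTS)}


def harvest(captures):
    """What a sidejacker collects: one (host, session cookies) entry per
    authenticated request seen on the wire; unauthenticated traffic is skipped."""
    found = []
    for raw in captures:
        req = parse_request(raw)
        stolen = session_cookies(req["cookies"])
        if stolen:
            found.append((req["host"], stolen))
    return found


def forge_request(host, path, stolen):
    """Replay: a request from the attacker's machine that the site will
    attribute to the victim, because only the cookie identifies the user."""
    cookie_header = "; ".join(f"{n}={v}" for n, v in stolen.items())
    return (f"GET {path} HTTP/1.1\r\nHost: {host}\r\n"
            f"Cookie: {cookie_header}\r\n\r\n")


def exposed_over_http(set_cookie):
    """Why 'always use https' settings matter: a browser sends a cookie over
    plaintext http unless the server set it with the Secure attribute
    (standard cookie semantics, RFC 6265). Returns True if the cookie in this
    Set-Cookie header would travel in the clear on an http:// page."""
    attrs = [a.strip().lower() for a in set_cookie.split(";")[1:]]
    return "secure" not in attrs


if __name__ == "__main__":
    for host, stolen in harvest(CAPTURED_REQUESTS):
        print("captured session for", host, stolen)
        print(forge_request(host, "/messages", stolen))
    print(exposed_over_http("sessionid=7d1c0b3f9a2e4c58; Path=/; HttpOnly"))
    print(exposed_over_http("sessionid=7d1c0b3f9a2e4c58; Path=/; Secure; HttpOnly"))
```

Note what is absent from the forged request: no password, no username. That is also why, in the Treatment section below, changing the password is not the whole job; a stolen session stays valid until the site ends it.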
And, as we mentioned, it could be that your entire PC has been compromised, and has sent your passwords to some far-flung criminal who will do his best to make them pay out.
Treatment: It sounds ridiculous, but unless you're expecting a link in an e-mail, post, tweet or direct message, never get click-y. Copy the link and paste it into your browser's address bar without pressing Enter, then read the domain (the part just before the first single slash). If it isn't a site you recognise, or it merely mentions a name you recognise somewhere else in the address (think "facebook.com.something-else.net", or anything placed before an "@"), don't load it. That goes double for e-mails that appear to come from Facebook or Twitter (or any other site or service you have a relationship with). It's safer to type the Web address in yourself than to risk being duped by a "spoofed" e-mail whose link leads to a site that harvests your login or tries to install malware.
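The "does this link look fishy" test above can be written down. The following is an added example, not code from the original article; the trusted-site list, the shortener list and every sample address are constructed for illustration. It reads a pasted link the way the paragraph advises and flags the classic disguises: a trusted name used as a subdomain of somewhere else, a trusted name placed before an "@", a bare IP address, look-alike (internationalised) characters, a shortener that hides the destination, and a real trusted site reached over plain http.

```python
"""What 'looks fishy' means once you read the address itself. A link that
contains the words facebook or twitter is not the same as a link that goes
to facebook.com or twitter.com. Added example, not from the original article;
the trusted list, the shortener list and every sample URL are constructed."""
from urllib.parse import urlsplit

# Sites you actually hold an account with (assumption: the reader's own list).
TRUSTED = {"facebook.com", "twitter.com"}
# Popular URL shorteners: the real destination is invisible until followed.
SHORTENERS = {"bit.ly", "t.co", "tinyurl.com", "goo.gl"}


def registered_domain(host):
    """Last two labels of a host name, e.g. 'www.facebook.com' -> 'facebook.com'.
    Good enough for .com-style names; co.uk-style suffixes would need a
    public-suffix list and are out of scope here."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def inspect_link(url, trusted=TRUSTED):
    """Classify a pasted link as 'ok', 'suspicious' or 'reject', with reasons.

    reject:     the address is actively disguised, or it name-drops a trusted
                site while pointing somewhere else
    suspicious: nothing you should log into, but not an obvious forgery
    ok:         really is one of your trusted sites, over https
    """
    url = url.strip()
    if "://" not in url:
        url = "http://" + url          # pasted links often lack a scheme
    parts = urlsplit(url)
    host = parts.hostname or ""
    reasons = []

    if not host:
        return "reject", ["no host name in the address"]
    if parts.scheme not in ("http", "https"):
        reasons.append(f"unexpected scheme {parts.scheme!r}")

    # http://www.facebook.com@evil.example/ : everything before '@' is a
    # login name, not the site; the browser actually goes to evil.example.
    userinfo_trick = parts.username is not None
    bare_ip = host.replace(".", "").isdigit()
    idn_label = "xn--" in host or any(ord(c) > 127 for c in host)
    if userinfo_trick:
        reasons.append("text before '@' disguises the real host")
    if bare_ip:
        reasons.append("bare IP address instead of a domain name")
    if idn_label:
        reasons.append("internationalised label (possible look-alike characters)")

    domain = registered_domain(host)
    if domain in trusted:
        if parts.scheme != "https":
            reasons.append("plain http: password and session cookie sent unencrypted")
        return ("suspicious" if reasons else "ok"), reasons

    # Not a trusted site. Does the address merely mention one?
    name_drops = [t for t in trusted if t.split(".")[0] in url.lower()]
    if name_drops:
        reasons.append(f"mentions {name_drops[0]} but actually leads to {domain}")
    if domain in SHORTENERS:
        reasons.append("link shortener: the real destination is hidden")
    if not reasons:
        reasons.append(f"{domain} is not one of your trusted sites")

    disguised = bool(name_drops) or userinfo_trick or bare_ip or idn_label
    return ("reject" if disguised else "suspicious"), reasons


if __name__ == "__main__":
    for sample in ("https://www.facebook.com/settings",
                   "http://www.facebook.com@evil.example/login",
                   "http://facebook.com.account-verify.example/",
                   "http://203.0.113.7/facebook/login",
                   "https://bit.ly/3abc"):
        verdict, why = inspect_link(sample)
        print(f"{verdict:10} {sample}  {'; '.join(why)}")
```

The only check that says "ok" is the one where the registered domain itself is on your list and the scheme is https; every other outcome tells you to stop, which is exactly the article's rule of typing the address yourself when in doubt.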
We're sure this will change, but at the time of writing there is far less malware targeting Android, BlackBerry and iPhone, which makes their dedicated social network apps a safer option than a Web browser on a PC (at least a Windows PC). They don't, of course, offer the same depth of functionality.
If your account has been compromised and you're unable to log in, both social network sites have account-recovery pages that verify you are who you say you are (typically through the e-mail address or phone number registered on the account) and then let you reset your password.
Assuming you still are able to log into your social networking account, locking it back down is straightforward.
- First, be sure that your PC is clean and not the source of the infiltration. (See "What to Do if Your PC Gets Compromised" for instructions.)
- Log into Facebook or Twitter, and then, under Accounts/Passwords or Settings/Passwords respectively, change your password. Use one you don't use for any other online account (e-mail or anything else), and make it long: six characters is no longer enough against automated guessing, so aim for at least twelve, mixing upper- and lowercase letters, numbers and punctuation. A passphrase of several unrelated words is easier to remember than a short jumble and harder to crack.
- For Facebook, check the addresses listed under 'Email': remove any you don't recognise (a hijacker may have added one so they can reset your password later), then add a secondary e-mail contact of your own so you can reset your password through it if your account is ever hijacked again.
- For Facebook, go to "Account Security" and check the option to always use a secure connection (https) when possible. This encrypts the whole session, not just the password but also the login cookie that Firesheep-style tools capture on public Wi-Fi networks.
- When logging into Twitter, add an 's' to the 'http' part of the Web address so that the session is encrypted (so it should read: https://twitter.com), and bookmark that address so you don't fall back to plain http by habit.
- If you've found that your account has been used to post malicious links or has spread spam messages, delete them from your Wall, and post a status update or tweet explaining the situation, so that friends or followers aren't duped as well.
- Check the list of applications connected to your account for any you didn't authorise or don't recognise, and, if you find some, remove them and block them from being re-added.
- Go through all of your privacy, application and account settings to make sure they haven't been altered, and restore any that have. If the service lists active sessions or logged-in devices, end every one you don't recognise: a stolen session cookie keeps working until it is revoked, even after you have changed your password.