243 Or How to undermine twitter accounts
So now and then, even though I don’t condone any sort of nasty ‘net activity, I do think about security and how easy it is to undermine things on the internet. The latest scandal with upstartblogger having his twitter account suspended for trademark infringement and the events leading up to that have got me thinking a bit more about twitter. I’ve just noticed that once again upstartblogger has been suspended from twitter this time with his new account. Funny thing really, twitter makes no money but has funding, upstartblogger releases an affiliate product on how to get twitter followers, makes a truckload of cash off the system and gets suspended. Hmmmm.
I’ve been playing around on twitter for a bit….it is fun, but ultimately, I think, it will slowly fade away as more and more marketers take to it and it becomes another site you go to now and then to play with. From an seo perspective twitter just doesn’t really help the old backlinks too much. I’m sure google is indexing it, but the nature of using short url services kind of defeats the object of getting targeted backlinks The interface is slick and they have the sheer numbers on their side, but I think other microblogging platforms have more to offer in the long run. What twitter has done, though is release their API to all and sundry. I’ve had a play around and I’m developing some scripts of my own to do various bits and pieces – mostly to satisfy my curiosity. They are taking a while to develop though, because, well, work has been insane recently. I’ve been working like a crack whore with an overzealous pimp.
That’s why my blog has been so neglected recently.
Anyway, on looking into creating little applets that interface with twitter, and with the recent suspension of anything that resembles a genesis rocket thing, I started to think of how easy it is to undermine someone’s account. Here is one of my brilliant but nefarious ideas that I’m pointing out as a “could happen to you kids so be careful”. I expect there are already people out there doing bad things and trying to take advantage of the hordes of people trying to get something for free, but here’s my take on what could easily happen. This is something like my way of stealing amazon affiliate sales with free software, except this one steals a twitter account……and gets it suspended. Perhaps even using it to generate some affiliate sales first.
Now if you think people are above this sort of thing. Think again. There is a world of bad out there who are happy to sell their own grandmother to make a buck, and the anonymity of the internet makes it even easier for those whose cogs of conscience have already been ground down by too many gear changes without sticking the car in neutral first.
So, you decide you are a bad person. There are a ton of accounts on twitter you don’t like. Maybe no specific account, but just in general, you don’t like people on twitter. so you look around and decide that what people want on twitter is a way to make money. How to do this? well takes your pick – affiliate products seem to be de jour so people are using those. Now how are they marketing those puppies on twitter? Well, usually they will want to DM their followers with offers and such….or maybe they want to be able to bulk delete their twitter direct messages. Naa auto DM their new followers that is much better….over and above their usual tweeting. Auto DM anyone who follows me? Hmmmm I could write a script to do that. So you do. And you make it good. It works well. It auto DMs. It has a little auto DM spinner built in so messages can rotate. You offer this service for free to all and sundry. People sign up. People have to give your their twitter id and password so you can auto DM on their behalf. If you are savvy and have read my blog…..you know not to sign up with such a service. But many people are greedy. The almighty dollar makes them see green and they eagerly hand over their ID and password for their twitter account to some service from a company or individual that they have never seen, heard of or even done some basic background checks on…..all because the service is free and allows them to make some short term cash by auto DMing people their affiliate links.
Now, run this puppy for a little while, but make it good – slick interface, good web 2.0 looks. You know the kind of thing. Build up a good user base. Get people tweeting about it. Pretty soon you have a large collection of twitter accounts under your control. Now the nefarious business, though I’m sure if you’ve gotten this far you are already thinking of a few nasty things you could do. Anyway, once you’ve got a nice big user base, you can start to monitor people’s downtime – the time that they aren’t on twitter – people are creatures of habit and probably use twitter at set times through their day. Decide on your Armageddon day and for each account start a good old spam campaign using their twitter account details that you have harvested ostensibly to offer some cool service. Spam DMs and Tweets. Spam away during each account’s downtime so they don’t notice it for a good long time. Then get a few friends to start reporting these accounts to twitter. Pretty soon, suspensions start to happen.
And that’s just the start.
Once again, folks, be careful what you sign up for online – and be sure you use different passwords for everything. It is all too easy to fall foul of evil doers among us.
Hopefully I’ve made you think a bit. And hopefully you’ve left this post a touch more suspicious and cautious than when you started reading it.
