We’ve seen another outbreak of spam messages from accounts we follow on Twitter this morning – this time, it’s the usual “make millions of pounds working from home” type tweet, plus the more ingenious “Is this you in this picture? <link>”.
 All have come through as Direct Messages from accounts we know fairly well, so we immediately recognised that the tone and content was unusual for them.
Don’t click!
I’m sure we don’t need to mention that clicking on links in this kind of message (anything which seems “a bit odd” for that user) is a bad idea. Reporting the user for spam is also counterproductive since they almost certainly are unaware that the messages are going out from their account. DO, though, send them a message letting them know there’s something odd happening.
A contact told me my account is spamming, what do I do?
If you receive a notification from one of your followers that they’ve had a spammy message from your account, it’s likely that either your account has been hacked, OR an application that you’ve previously authorised to have permissions on your account has been hacked or has turned rogue. In either case, here’s what you do:
1. Change your password. If you can stand the annoyance of remembering more passwords, it’s a good idea to do this regularly anyway!
2. Check your Authorised applications. To do this, log into Twitter.com and click on the far right item in the top menu – your username/ avatar with a little drop down triangle next to it. Choose “settings” from the menu that drops down.
Then, click the “applications” tab: 
That will show you all the apps you’ve ever authorised to access your Twitter account. If your account is sending out spam, we’d advise you to delete all but the apps you can’t live without. If the spam continues, you may have to delete those one by one too, until you figure out which one’s causing the problem.
Make your Twitter account safer in future
To help avoid this happening again, try changing your Twitter password regularly and / or making it more complex (include numbers as well as letters, and avoid obvious word choices). It’s a good idea to check the Applications tab regularly, and revoke access to any apps you don’t remember authorising, or no longer use.
Have you had trouble with your Twitter account spamming? Please feel free to share any other tips for preventing or dealing with this!
Found this post helpful? Why not  subscribe to our blog, or
 subscribe to our blog, or  follow us on Twitter?
 follow us on Twitter?
 
 
  
   



Thanks for this post – really helped me and others this morning!
That’s great Debs, glad it was timely and helpful!
[…] you clicked on a link that someone else DMed (Direct Messaged) you? Here’s how to stop it: http://www.rosemcgrory.co.uk/2011/07/11/twitter-account-sending-spam-messages-heres-how-to-stop-it/ Here’s Why You Should Be Careful About Twitter User Photo Galleries […]
Thank you for this tip. Great help! Saved my business reputation.
Hi Ray, glad to help and thanks for letting us know
In my case, changing the password gave an error message. I could still change user name and other profile settings but the password was blocked. No more twitter for me thank you.
Bart, it’s not at all unusual for Twitter to be having a “moment” – i’d give it a few hours and try again at least once, before you give up on it altogether
very helpful thanks
Hin
I followed your instructions and I am curious if someone else can abuse my twitter account again.
Greetings from Flanders!
Hot Marijke
Hi – the problem starts when you click on a dodgy link. So unless you do, you should be fine.
Thank you so much! It invaded my business and it was hurting my reputation–I made the changes you suggested and hopefully now I’m a bit wiser than before..
That’s the worst bit about these phishing attacks, it can make your business look bad to those who don’t realise what’s going on. Glad you got it sorted Kelli and thanks for your comment
i’ve tried changing my password a couple times, and i’ve deleted all my apps, but it doesn’t seem to stop..
Thank you for your effort.
I have got the same problem that Bart has. I tried many times to change my password but it’s keep telling me the next message
“1 error prohibited this current user from being saved
There were problems with the following fields:
Screen name has already been taken”
so, what can I do? I feel miserable these days because of the stupid spam tweets and messsages, it makes me crazy
Hmm, if you’ve changed your password and revoked all your app permissions, nobody but you should have access to your account. Unless you’d clicked on another dodgy link subsequently?
Thank you very much for this, stops ruining our reputation we have built over the months.
Great, glad it helped!
Just happened to me. Thanks for the info.
Thanks for this advice. I immediately googled the problem and this page seemed to know EXACTLY what was going on and how to rectify it. After you’ve changed your password/deleted applications, should the direct messages that are unintentionally being sent out to your followers stop as a result?
Nav, you shouldn’t get any more problems if you’ve removed all authorised apps & changed your password, as nobody but you should then be able to access your account to send out the DMs. Hope it’s sorted! ~Kate
Thanks for this! My twitter went mental and every started complaining at me. I’ve deleted the account and app of my iphone. And changed my password and de authorised all apps hopefully this will work ! cant believe i fell for it unfourtunatley it came from a friend who would normally send me a fb video ! SO annoying.
You’re welcome Louis – those phishing guys are smart and sometimes get it spot on with something a friend would really send you. Hope the fix is all good.
Another thing to add in the last part, if you get a(n odd) message but you clicked the link and it’s redirecting you to a page that says something like ‘acces denied, login again’ or ‘request timed out, login again’ first of all do not type in your password and look at the url again, also make sure ther aren’t any things like the l an i swapped (like in lI, you may not see the difference but there sure is) and if you’re sure the link is secured (so the correct site and in most cases using https instead of http) then you may be on the real site of twitter, facebook or any of the kind.
Absolutely. Or just start a new browser tab and put in http://www.twitter.com yourself before you log in, if you’re in any doubt.