Tuesday 2 June 2009

Twitterjacking.. or fake Twitter accounts

John from Kuranda writes.....

As Twitter continues to take off and people catch on to its potential to direct traffic online, we’re seeing more and more fake accounts building up on the network.

Like most things on Twitter, setting up an account is trivial. There’s no means of verification at the point of sign-up and the service is dependent on its users for exposing the charlatans.

So we see fake accounts established for a whole range of unsuspecting celebrities and organisation. Exposed already have been fake accounts for amongst other, the Dalai Lama, George W Bush and Kayne West.

Here in Cairns we have seen fake Twitter accounts purporting to be Cairns Regional Council and even CairnsBlog. Council have formally requested that this is closed down. I suspect that that is just the tip of the iceberg.

Twitter has attempted to put some structure in place with its Twitter Rules. But Twitter is a unique site in that, as long as they are parodies, fake accounts are not prohibited by their terms of service. But according to Twitter:
  • "The profile information on a parody account must make it obvious that the profile is fake, or it is subject to removal from Twitter.com. "
There is a fine line between parody sites and those that are blatantly untrue and dripping with malice aforethought.

Twitter needs to sort out its architectural issues and start to deal in a meaningful way with its signup and verification processes. Otherwise the twitterjacking phenomenon is going to be one to watch.

I don’t think it will go away in the immediate future; it’s just going to get a bit more sophisticated. Plus Twitter may be a potential target for cyber-criminals looking to spread malicious links. Already there is an on-line market for the buying and selling of fake Twitter sites.

Enter also to the wonderful world of spam and scams – both seem to be flourishing thanks to Twitter. Think about it. Set up, for instance a fake Twitter for Kevin Rudd. How soon would it take to have a 1000 people sign up? And it would take just a few seconds to send a span/scam message to all thousand.

So in the end it is really a case of Caveat emptor, - let the buyer beware - with Twitter. Before blindly signing up to follow tweets, check out to make sure that it is the tweeter you think it is.

Finally, if you are a frequent Twitterer, keep your virus protection software up to date and run it regularly.

No comments: