Those of you who follow the Victorian Police Twitter account may have noticed over the weekend an odd tweet about a magical weight loss technique. Most followers would have picked up straight away that the tweet was from someone who had gained unauthorised access to the Victorian Police account and the police moved quickly to inform followers and delete the tweet. (You can read more in this article about the tweet, with obligatory donut reference.) To see an official and trusted account accessed in this way is a timely reminder of the importance of keeping your accounts protected.
We’ve probably all received strange tweets or emails from our contacts, usually with a message that “This user is saying nasty rumours about you” or “I saw this photo of you and I’m laughing so hard” with a link to a malicious site. Because so many tweets share links using URL shortening services it can be difficult to see if a link is trustworthy just by looking at the address. Our tip would be to only open links from trusted sources, and make sure they have some context provided rather than just a general message like “I saw this site and thought of you”.
Twitter in particular seems susceptible to the problem, possibly because of the ability to connect a number of third party applications to your Twitter account. Being able to log in to different services using your Twitter account is very handy, meaning you don’t have to remember multiple passwords and making it easier to share links with one click. But the side effect can be that you are handing over partial control of your account. When you authorise an external service to access your account make sure that you read what the service will be able to do, and only authorise if you feel comfortable and trust the service.
Even if you have given permission to access your account, you still have the power to revoke access to an external service at any time. In order to secure your account and not see your followers or friends spammed with annoying or dangerous messages, we recommend doing a bit of housekeeping. Have a look at the services linked to your accounts and revoke permission to any that you aren’t using anymore or don’t trust.
To help you out, we’ve put together guides below to revoking external access to the three main accounts that you might use; Twitter, Facebook and Google.