Recovering from Twitter Phishing / by Chel Wolverton

If you have gotten your Twitter account hacked because you've clicked on a phishing scam link, here's how to get it cleaned up.  Otherwise you might find yourself on lists you don't want to be on. Edited to add: Also, periodically check your sent tweets to see what your account has been doing without you!  (Hat tip to @cspenn.)

Step 1: Stop clicking the links that get you hacked in the first place.  Even if you know the person, consider the message that's accompanying the link.  If it sounds suspicious it probably is.

Step 2: No seriously. Stop.

Step 3: If you are still logged into your account, log out.

Step 4: Clear your browser cache and close out of it completely.  (If you have numerous tabs open and don't want to lose them, save them as a group in a folder.)

Step 5: Re-open your browser, go to Twitter and change your password.  No, don't use the same password.

Step 6: Go to settings -> connections.  Revoke access to any OAuth permissions that are suspicious or that you aren't actually using.  Remember, these hacks almost always require you to log in or give them permission via OAuth, so make sure you trust the companies/people you grant permissions to.

Step 7: Report the hack to Twitter, then delete any tweets from unauthorized access so that others can't follow the link from your hacked tweet.

Step 8: Post to your blog (i.e. somewhere other than Twitter) to let people/friends/followers know that you've been hacked, not to click on links that seem suspicious, and when your account has been secured.

If you need help with the cleanup or want more advice on how to prevent your account from being hacked, you can contact me.  I consult on a number of different topics including social media, manage WordPress maintenance, and help clients manage their time effectively.