There’s another phishing attack on Twitter, and yet again it’s being spread by direct message.
(You can read all the details over at Mashable.)
Here’s what I think you need to do. If you get any of these malicious direct messages, please don’t click on the links, but do make a note of the user(s) that sent them to you. Is that name familiar? Have they fallen foul of these phishing scams before? Several times?
Do they always seem to be affected by these kinds of exploits?
If so, unfollow them. Don’t hesitate, do it right now. And seriously, seriously consider a block, too.
Reality check: it’s probably a safe bet that virtually every single one of us will be conned by something on the internet before we bite the dust. As human and artificial intelligence-slash-guile continues to develop, we’re all potential marks.
People make mistakes, and when something happens to somebody else on Twitter it’s fantastic if you can take a moment to explain to them what they did, and hopefully educate them enough so they won’t do the exact same thing a month or two later.
But if you have users in your network who are always getting tricked, and who are repeatedly getting their accounts compromised, then you need to let them go. Because nice as they might be as people, as long as you’re connected then their neglect and technical naivety becomes yours (by proxy).
It’s a phishing attack today – it might be something a heck of a lot worse this time next week. This might seem harsh, but this is your security at stake. And while there’s any kind of link between you and them, and despite how savvy you think you might be, the odds of YOU getting caught out will continue to increase dramatically each time they screw up.
(PS. If it makes you feel better, send them an email or open tweet explaining why you had no choice. Just don’t click on any links that they send back.)