Twitter frustrates users (namely, me) trying to thwart phishing attack

Twitter seems incapable of deftly handling the recent phishing attack on its direct messaging service. Its answer: lock Tweetsters out of their accounts until the danger passes.
Written by John Dodge, Contributor

Twitter is screwing up. While there's a bunch of happy talk on Twitter's blog and no recent hacks mentioned on its status page, a direct message (DM) phishing attack seems to spreading across the social media site.

I wrote about this Monday after my Twitter account had returned to normal. Apparently, I spoke too soon. Twitter has locked me out of my account again even though it would appear that changing my password three times in the past month has prevented the phishers from re-entering my account and sending bogus DMs.

I am caught in Twitter's sweep of accounts that were victimized by the attack a couple of weeks ago. This time around, Twitter locked me out without any explanation except for the lock-out message: "We've temporarily locked your account after too many failed attempts to sign in. Please chillax for a few, then try again."

Well of course, there's too many failed attempts to to sign in. "YOU'VE LOCKED ME OUT. I"M NOT CHILLAXED IN THE SLIGHTEST."

Almost certainly, Twitter will put me through the what's becoming a regular exercise: an e-mail will order me to change my password and then it will keep me locked out of my account for 12-18 hours or longer. When you successfully change your password, Twitter gives you a one time pass back into your account on that computer, but log out and you're locked out again. Frustrating.

Why do I think the phishing attack is spreading and under-reported?  Yesterday, a fellow blogger appeared to have sent me a bogus DM with a link to an IQ test and inevitable request for my cell phone number. It was a message from the phishermen under the blogger's name.

[By the way, NEVER give out your cell number to these creeps because it'll result in charges on your next cell phone bill. Facebook and Twitter cell phone scams should be stopped in their tracks and as far as I am concerned, wireless carriers which bill you for them are complicit in this scheme. They need to screen who they are charging for such junk even if starts with a third party.]

On Oct. 29, @mashable, a Twitter user named Pete Cashmore with an enormous following of 1,719,926,   reported that U.S. Senate candidate Marco Rubio from Florida was DMing his followers with an ad for a colon cleansing product. Now there's a surefire way to get elected. Clearly, he was not sending the message.

I am getting frustrated with Twitter about this hangover from the phishing attack. The problem for me isn't the phishing attack anymore. It's Twitter locking me out (I am prevented from my customary Tweeting of my SmartPlanet posts). The mess is compounded by the fact no one is home at Twitter support to directly handle my problem.

One suggestion in a comment to my last post on the Phishing attack was to try a secure message threading service called Threathat.com (free until March).

It's mission? "...to provide tools and resources that will enable you and those with whom you communicate to experience the highest possible level of reliable, anonymous, secure, private and confidential online communications."

That's sounding mighty good right now.

Follow me on Twitter (sigh).

This post was originally published on Smartplanet.com

Editorial standards