Twitter has been the scene of a number of high-profile hacks recently. That’s not something most of us need to worry about, though—few people are actually prominent enough to be the target of such an attack.
On the other hand, most of us are careless when it comes to granting apps access to our services—if you come across an app that promises a cool feature, or says it will give you followers, you might be tempted to give it access to your Twitter account, which is like handing someone the keys to your house.
Of course, it’s okay to provide a trusted, well-known application (such as Tweetbot or Fenix) or service (such as Buffer) to access your account. But other times, it just causes trouble, because Twitter authorization can allow third parties to read your tweets and tweet on your behalf. As we recently discovered, if you’re trusting enough to stumble into the wrong app, you’ll quickly discover the potential for malice. Quite a few people we know have recently been affected by an app that promises to help you get free followers – authorizing freeaddme.us will result in spam being sent to all of your followers, and your account will start following hundreds of other followers. This may be how you increase your follower count, but of course, it’s not what you had in mind when you signed up.
Screenshot of free follower spam followers of affected accounts received on DMs
If you have accidentally been affected by freeaddme.us or any other malicious third-party Twitter application, please follow the steps below immediately.
How to revoke access to third-party apps that have access to your Twitter account
- Log in to the Twitter.com website using a computer
- Click on your profile photo in the upper right corner
- Click settings
- Go to “Applications” from the left menu
- Here, click on “Revoke access to any apps that sound suspicious or any apps you’re not currently using”
Screenshot of 3rd party application settings for Twitter.com
This should prevent malicious applications from causing any further harm. It’s also worth pointing out that some previous high-profile hacks resulted from people authorizing old apps to access Twitter at some point and then forgetting about them. It is important to regularly revoke access to apps you are not using from your Twitter settings.
Next, for security reasons, go to “Passwords” in the left menu to change your password.
For added security, we also recommend enabling two-factor authentication for your Twitter account. To enable this feature, go to Security & Privacy. Here, you can choose to verify via push notification, which basically uses the official Twitter app on your phone to allow logins from other devices. Otherwise, you can set up a code generator application such as Authy or Google Authenticator to generate a six-digit code that changes every 30 seconds. After trying to log in from another computer, you’ll also need to enter a code (which is only visible on the device you set up) to continue.
We hope this tutorial helped you keep your Twitter safe from the many malicious tools that exist on the internet. If you have more tips, please let us know in the comments below.