#SoYouGotHacked

Takeovers of Twitter handles have companies scrambling to secure their social media. A primer for the paranoid.

By Scott Bixby

@BritneySpears: “I give myself to Lucifer every day for it to arrive as quickly as possible. Glory to Satan!” | @PayPalUK: “OUR SECURITY IS SO GREAT, LOOK AT OUR TWITTER FEED AND SEE!!!” | @BurgerKing: “Try our new BK(SM) Bath Salt! 99% Pure MDPV! Buy a Big Mac, get a gram free! @dfnctsc @tshyne @mcdonalds” | @Jeep: “You’ll never catch @50cent ridin in a Dirty Ass @Jeep!!!! #ForDaLulz #FreeJeep” | @realDonaldTrump: “These hoes think they classy, well that’s the class I’m skippen”

ILLUSTRATION BY 731

Q How do I know my corporate Twitter account’s been hacked?

A The first clue is the flagrant abuse of the caps lock key, followed by blatantly “off-message” posts. During Jeep’s Feb. 20 hacking, its official account declared, “We just got sold to @Cadillac because we caught our employees doing this in the bathroom,” and attached a photo of a man with a pill bottle. In short: If a handle isn’t trying to sell its product and says so in all caps, the password’s likely been defeated.

Q Who’s been hacked in the past?

A Everyone from multinational corporations to multiplatinum recording stars. PayPal U.K. directed its followers to the website paypalsucks.com, and its profile picture was changed to a pile of excrement, when a disgruntled customer took over its feed. A 15-year-old hacker kidnapped the account of Westboro Baptist Church spokeswoman Shirley Phelps-Roper after the controversial church commented on the shooting in Newtown, Conn. In 2009, Britney Spears proclaimed a newfound commitment to Satan to her 3.7 million followers. Yes, she’d been hacked.

Q Who hacks these accounts? The Chinese?

A No. Given the use of the hashtag #Lulzsec in the Jeep attack — and in the one on Feb. 18 on Burger King — the most obvious culprit is Lulz Security. The group is often associated with the hacker cabal Anonymous, which has claimed responsibility for several high-profile online attacks. Gadget blog Gizmodo says the hashtag may be a red herring to cover the tracks of a Rhode Island DJ. China’s unlikely to go after you unless you’re a defense contractor or Google. Most of the time, hackers are simply out to embarrass a brand “for the lulz.”

Q Why would someone bother?

A “It’s difficult to tell what the intent is behind these big corporate hacks,” says social media and corporate brand strategist Kim Garst. “Usually when people are hacking personal Twitter accounts, it’s for spamming purposes, mostly to get people to click on links that are unsavory.” LulzSec often uses its moment in the spotlight to further pet causes such as protesting the Cyber Intelligence Sharing and Protection Act (which privacy activists claim would allow the government to monitor private browsing information with impunity) or ending the war on drugs.

Q What do I do if my company’s account has been hacked?

A If your handle’s compromised, Twitter recommends you change your password and revoke connections to third-party applications such as Instagram. These instructions help only if your hacker hasn’t changed your password to bar access to your page. If that happens — as it likely did with Burger King, which lost control of its account for more than an hour — try a support request allowing Twitter to shut down your account remotely. After you’ve wrested control back, distance yourself from the mayhem. Burger King released a statement apologizing “to our fans and followers who have been receiving erroneous tweets about other members of our industry and additional inappropriate topics.” As for Jeep, Chrysler responded on its official feed: “Thanks for all the heads up on one of our brand accounts. The team is on it. It’s good so many of you have our back.”

Q How do I prevent attacks?

A Many hacks occur because of overly simplistic passwords or easily identified answers to password-reset questions. Sarah Palin’s Yahoo! account was breached when a college student used her Wikipedia page to find Palin’s birth date. Change your password every few months. Even then, stay alert: Many phishing scams use e-mails purportedly from Twitter or other sites to gain access to your account. “Phishing techniques are getting more sophisticated, and even official-looking e-mails can be fronts for more nefarious purposes,” Garst says. Also, limit the number of third-party applications that have access to your page. Instagram and Farmville are probably not going to abuse your account, but giving an application access to your Twitter page is like giving a copy of your house key to an unreliable friend.

Welcome!

Magazines Review offers you a broad range of popular American magazines online. Browse an extensive directory of magazines, covering most important aspects of your life. Find the most recent issues of your favourite magazine, or check out the oldest ones.

About content

All the articles are taken from the official magazine websites and other open web resources.

Please send your complains and suggestions through our feedback form. Thank you.