I know I’m not the first person to write about this, but today I saw a couple of tweets sent in reply to me, from people I don’t follow or know if any way, that contained links to, well, something. Now, being tech-savvy, naturally suspicious, and generally cautious, I didn’t actually make any attempt to follow the links, but it does point out one of the huge security risks that Twitter use can bring into any organization.
It takes some education to get users to think twice before following a link to a shortened URL that could lead anywhere, and here are a few pointers I would give anyone who asked me.
First off, treat tweets like email. If it came from someone you don’t know, don’t click anything in it without doing some digging. Even if it does come from someone you know, if it just seems out of character (Suddenly your best friend from HS, or a coworker is sending you links about teeth whitening?), be suspicious. It may be that their account has been taken over.
Secondly, keeping with the email metaphor, make sure you know where a link is going before you follow it. In Tweetdeck, my Twitter client of choice, there’s a setting to preview the long URL of any shortened URL. Use it. Make sure the URL to a “funny story” isn’t actually going to big bad malware.com. I believe there’s even some Firefox extensions that will do that as well for any shortened URL in the browser, but not having used any of them, I’ll leave it to you guys for good recommendations on that.
Lastly, if it seems fishy to you, trust your gut. Don’t blindly follow a shortened link. If you really want to see the link, confirm with the person through DM, Email or even an @ reply, that they really did send that, and if they could send you the long URL to access it. You know, just like your IT people have been telling you to do with strange email attachments for years now.
So, until Twitter figures out a way to either let us send full length URLs or builds in a preview feature, be careful out there. Not everyone on Twitter is as honest and trustworthy as you are. 🙂