We asked three security and social media experts how safe Twitter is, here’s what they had to say about the platform.
Twitter is one of the biggest social media apps, coming in just behind Facebook and the newly popular TikTok.
To help with the current concerns about social media, we asked around and found out what three security and social media experts think about Twitter and how safe it really is.
Keep scrolling to see what we found out.
What is Twitter?
Twitter is a microblogging and social networking site where users interact with each other through direct messaging or through Tweets, which can be seen by other registered users.
Twitter was created in 2006, so just two years after Facebook, and in 2020 the site had 186 million users, with the key demographics being people between the ages of 25 and 34.
What are the main risks?
David Emm, principal security researcher at Kaspersky, revealed to Trusted Reviews one of the biggest risk on social media is over sharing information which can be used by criminals to profile potential victims.
“Cybercriminals thrive on personal details. It’s not just obvious things such as passwords and bank details, but any personal information that they can aggregate to build up a picture of potential victims,” said Emm.
“By giving away too many personal details over Twitter, cybercriminals can use the information to lend credibility to phishing e-mails or to guess the answers to security questions set by your bank, mobile provider, or other online account.
“This is particularly worrying for businesses considering over 80% of British and American employees overshare on social media, potentially exposing themselves and their organisation to online fraud, phishing and other cyber-threats,” Emm went on to say.
Anthony Demetriades, vice president at McAfee, told Trusted Reviews this information can then be used to mount targeting phishing attacks. Phishing emails or direct messages are usually fraudulent messages that encourage users to click a link or reply back with sensitive information. It’s important that you never send personal information over the internet to someone you don’t know.
“Twitter – like so many other digital platforms – is not immune to threats from hackers. Attacks tend to be targeted, with celebrities and public figures becoming common victims of cybercrime on Twitter. For instance, a hacker might attempt to gain access to a notable person’s Twitter account, such as Elon Musk,” Demetriades said.
“This type of phishing attack is a common security threat used to gain access to Twitter accounts. Hackers will try to send public links or direct messages to their intended victim, duping them into logging into fake webpages. Ultimately, the goal is to steal personal information, including email addresses and passwords, to gain access to their account.”
Do hackers target Twitter and if so, do they have any specific attacks?
Tom Gaffney, security consultant at F-Secure, told Trusted Reviews hackers are increasingly using Twitter as a platform to mount such campaigns.
“What is really interesting about twitter is hackers leveraging the platform to commit other attacks,” said Gaffney.
“Being a widely used tool, hackers will use phishing mails purporting to be from Twitter asking users to change their password. Target. Allowing them to steal the users credentials which they can access other accounts with.”
Emm mirrored Gaffney’s argument warning the number of attacks leveraging Twitter is increasing.
“Previously we have seen phishing domains used where they look fairly close to the twitter.com domain. Cybercriminals will use the same page and graphics to tempt you into entering your credentials. This theft can be a risk if you re-use your passwords across accounts,” said Emm.
“Also, check that the certificate for the site is valid using the padlock symbol in the browser. Cybercriminals also use Twitter, along with other social media platforms, to distribute links to malicious sites: so beware of clicking on links in tweets posted by unknown people.”
What data does Twitter collect?
Emm added the attacks are in part successful due to the diverse amount of data collected and available on Twitter.
“Twitter, similar to any other social networking site, collects a wide range of data.
“Twitter uses data internally to customise the information it displays. From its ‘trending topics’ to more localised trends or popularity rankings. The social network also shares user data externally. Advertisers, for instance, get anonymised data about their ads’ popularity. Twitter also gives data to government agencies when compelled by legal request,” Emm continued.
Demetriades said there are ways to hinder the amount of data being collected on Twitter which can help mitigate the issue.
“Twitter collects several data points from users, including usernames, locations, profiles images, time zones and user birthdays,” said Demetriades.
“The platform personalises a person’s experiences across Twitter, including advertisements, by matching user interests based on the topics they follow, profile information and regular activity. To maintain security, Twitter provides advice about how users can protect their accounts, including using a longer, more complex password with a minimum of 10 characters.”
What are the best ways for users to protect themselves?
Outside of this Emm suggested users manage restraint when sharing information on Twitter.
“People need to remain vigilant when using Twitter and other social media sites,” said Emm.
“We have all become accustomed to posting information about ourselves on the internet, but we need to control what we really want to make public and what we don’t.”
He also recommended not sharing you private information, always approach links you don’t recognise with caution and install an antivirus protection if you can.
Demetriades added the platform also needs to continue improving its security protocols to help mitigate the growing number of scams on Twitter.
“As cybercriminals find new and elusive ways to scam users, security tactics across social media platforms need to constantly evolve and adapt. Twitter, and other networks, already provide advice about improving personal security, including more complex passwords, but there are several additional measures users can take to protect their accounts and personal data,”
“The saying, ‘the internet is forever’ is a famous quote for a reason. Whether accounts are set to private or public or if you’re using apps with ‘disappearing’ messages, such as Snapchat, what you post or share can be saved and shared again, so users should think twice become posting. Equally, all users should think twice before ‘checking in’. Check in posts announce our whereabouts to the world, so – for example – users should consider only posting holiday images and stories once they return home.”