Dance With Strangers

Twitter, well all social networks in fact, are hurting you. Each day I see a Tweet or a Facebook update from someone saying “Don’t click on that link I just sent, it’s not me, my account has been HACKED!”. Oh my! Immediately the vitriol gets poured onto the social network’s lack of security and the evil madness of cyber criminals. The problem is; it’s not their fault. It is your fault and our use of these networks has made us less vigilant to online threats.

Today I want to look at one of the most dangerous aspects of Twitter/Facebook (can I just call it TwitBook?); the “tiny URL”. I’ve written many times here about the smart use of short URLs for B2B marketing and lead generation and one of the keys to success on that end is personalizing your short URLs. The problem is, 99% of the short URLs you see and click on are generic. And over time all of us have become blind to the dangers of the short URL.

Here is a good example, check this out, http://bit.ly/2ftyru.

Ha ha, that was funny right, but here is the issue, that click could easily have led to a malicious site, malware, botnet or more. All of a sudden your account is pwned and you are left to send out updates that say “I’m not the one sending out that nasty video of Megan Fox”.

Why did you click on that link when you didn’t know where it was going to take you? Primarily because it has become such a regular part of your social network life that we have forgotten that you should never simply open the door to a stranger. Do you click on strange hyperlinks on a web page without first seeing where it will take you? Would you click on a link sent to you in a strange email. The answer should be no and the same should go for short URLs.

Here is my handy guide to being safe on social networks when it comes to short URLs:

• Don’t click on ANY short URL, even when provided by a trusted source, they could have already been pwned. Instead use plug-ins for Firefox and Safari that will unveil the longer URL to validate it is safe. Unfortunately, neither TweetDeck nor Seesmic support such a feature, although it is being discussed, so for Twitter I simply copy the short URL and use Sucuri to validate. (UPDATE: TweetDeck actually has a really great “preview URL” function under settings, nice!)
• Sign up for an account with one of the short URL services and start personalizing your URLs. Not only is it good for SEO and your business, but it also will let folks know it is a legit link and give them an idea of what is on the other end. You will also have a better chance of having me click on that link (if you care about such things).
• Never trust third-party “connectors” and by that I mean all the sites that ask for your Twitter account or Facebook account to “connect” the two. These certainly make life easier, but be wary and only do it when you know it is a legitimate online entity that will be around for a while…thus they won’t just sell off your account information when they go belly up. But even for the legit places it is important to keep them on their toes.
• That leads me to my final point…change your passwords. I do it weekly, you can do it monthly, but please, change them frequently. Sure it means you have to edit them again on Tweetdeck, on your phone and any third-party apps, but it is so worth it considering all the dangers floating around.

The goal here is to never have to send out an update or a Tweet apologizing for something you actually didn’t write and the only way to make that happen is to start getting smarter about how these social networks can hurt.