Protecting Yourself From Yucky People! (Social Account Security)

More share buttons
Share on Pinterest
Share with your friends


caution, hard hat imageProtecting Yourself From Yucky People!

The world, and thus the internet, has its share of scoundrels… or “yucky people” as I heard some cute four-year old put it yesterday..

Here’s a collection of tips to help you this week, focused on how to protect your social media accounts from hacking/phishing attacks.


The “bad blog about you” direct message and the “funny picture of you” direct message going around is a phishing scam and will grab your credentials and spam on your behalf. If you’ve been affected (or just want to be cautious), change your twitter password (make it secure) and go into the settings and enable HTTPS, which will help reduce the number of phishing attacks that can “get you”.

– Here’s how to enable HTTPS for Twitter

– Here’s how to block many Twitter DMs (though sadly this does not work for the infected sort)

PS: As a general rule, don’t open links in DMs


Infected links are ALSO a problem on Facebook and can easily phish your login credentials.

– Here’s how to enable HTTPS for Facebook

– Here’s six signs a link on Facebook is Infected to help you get a “feel” for the red flags (most also apply to twitter)


There are three primary routes of infection on Skype…

1) A seemingly benign “would you check this post out” type message from a friend … with an infected link. These are really sneaky. I will often ask a friend if they just sent me a link and what it’s about before I open it, if it comes with an inadequate message.

2) A text-based notification that your system is infected and you need to click a link to clean it up.

3) A audio-call from any account you don’t recognize, that often is pretending to be “official” using things like “Security Notice” and “Skype Notifications” that instruct you to follow steps to secure your account but actually get you infected.

Block infected fake-accounts and mark them as spam.


There’s a lot to learn about WordPress security, and it starts with simple things like using an account NOT named “admin” and having a secure unique password. Two plugins I like are “Login Lockdown” and “WordPress Firewall” (many still prefer the original, but that may not always be true going forward). There are lots of good plugins, use a few but don’t install them all!

You can learn a lot of easy to apply WP security from John Hoff, at WordPress Defender. Grab a copy of his ebook and you will not only learn the basics, but he also sends out emails when things are amiss.


Run a high quality, user-friendly antivirus. I don’t class Norton or McAfee in that category due to ongoing issues over the years. AVG, Avast, Kaspersky, NOD, and others are all better choices.

Use a router between your computer and your modem. A router helps minimize certain attacks if you do not have a true firewall. Don’t use Internet Explorer.

Keep Windows up to date with security updates.

Be sure to keep Adobe Reader, Java, Flash, Visual Studio, & Windows core files all up to date. Many, many, many infections are picked up by vulnerabilities in these apps. (I can’t tell you how many people I know with old versions of Reader.)

PS: Today, even Macs are vulnerable to several types of infections and for the novice user a good antivirus is still recommended.


Yeah, it’s unfortunate that the world DOES have “yucky people” in it but fortunately with some basic tips you can greatly improve your ability to keep going on about your business without their interference!

I look forward to your thoughts and comments below. Let me know your favorite tips for protecting your business accounts online!

Kimberly Castleberry
Your Partner In Online Success

More share buttons
Share on Pinterest
Share with your friends



  1. says

    Excellent points! Thanks for summary of these options. Especially helpful to have your guidance on the Word Press issues. It’s hard to know which of the plug-ins to choose, with so many choices.

  2. says

    Hi Kim,

    Thanks for sharing these tips.

    Sadly, there are many “yucky” people out there and it seems to get worse, not better.

    But, these tips and precautions are ones that we should certainly take along with a good old healthy dose of common sense.

    Most people choose to see only the good in others and fall prey to these attacks.

    Luckily for me, I am a born skeptic and NEVER trust these things, so I’m usually not effected, but we can’t be too secure and should always take added precautions.

    Thanks for continuing to keep us safe online,

    • says

      Hey Marc, like you I too am a born skeptic but I’ve been bit a time or two myself. Ya know I’m still trying to figure out if the DM going around twitter about the “marketing code” is infected or just a whole bunch of people that have been suckered. I keep poking that one with a stick! Sometimes the hornets nests I poke bite me back but it’s still interesting to study them.

      It’s wonderful that some people still inherently trust in the good will of others – yet at the same time I’d like to make those same people just a little better educated so they can sense when trouble might be afoot. It’s just better that way!

      Thanks as always!

  3. says

    Wondered about that DM I got about a bad blogpost about me! Yes I clicked it before I even thought about it! Dang! I consider myself extremely skeptical, but that one was a fakeout. OK, thanks Kim. Changed my twitter password.

    • says

      If this was basketball, some of these fakeouts would be as renowned as Michael Jordan was for his! I’d go ahead and enable HTTPS too if you haven’t done so already. However, I haven’t seen anything nefarious come from your twitter account and I think we’re following each other so you may be okay :)

  4. says

    As always, great tips here Kim. I agree with you about anti-virus programs. Years ago, both Norton and McAfee were in the forefront but I wouldn’t recommend either of them anymore. Personally, I use Kaspersky.

    Keeping your core files upgraded is an excellent tip. Just yesterday, I discovered that both Microsoft Bing and Yahoo searches for Flash Player are spreading malware links‎. I always recommend going directly to the vendor’s site and then downloading the update. Don’t follow links.

  5. says

    Hi Kim,

    Your post comes at the right time. It looks like someone somewhere has spend a lot of time rebuilding a fake twitter registration page to get you duped in giving your details. I wonder what is in the job descriptions of these people.

    I probably need to read up more on WP security.

  6. says

    Great tips Kimberly – I’ve taken care of FB and Twitter, and my new mission in life is to stop feeling helpless and get serious about learning how to protect my blog from the bad guys. Thanks!

  7. says

    Thanks for this post. I have been seeing a lot of those bad blog about you messages. I figured it was bad news so I didn’t bite. Thankfully. These yucky people are getting wearisome to deal with.

  8. says

    Hi Kim,

    Those are some wonderful tips! I needed some for WordPress as I recently shifted my blog from Blogspot to WP, and these sound awesome. I love the links shared in the post as well.

    Thanks for sharing :)

  9. says

    Aloha Kim, thanks for the heads up on protecting our computer from yucky people. I found your post to be informative and of course you have assisted me with some issues I ran into and got it fixed. Keep it going! Glad I came by and thanks for sharing! Lani :)

  10. says

    I’ve gotten those Twitter emails in my spambox before, but I got something different today. It said my account had been suspended ‘for aggressive following and tweeting….Following large numbers of users and tweeting too much in an attempt to attract attention to your own account can be annoying to other users and is a violation of the Twitter Rules’ followed by a link to Twitter rules. It then said, ‘To avoid account suspension just complete our twitter free offers below……’ followed by a link. I sent it to and marked it as spam. The crooks are always thinking …

    Wishing you a song in your heart,
    Miss Leslie @ Music with Miss

  11. says

    Hi Kimberley.
    While that is all the technical stuff I often find that the real issue is that people do not value themselves highly enough to do this for themselves as a matter of course.
    We need to behave as if our time was valuable and put steps in place to stop this before is becomes a problem. This is what a person with a millionaire mindset would do!

  12. says

    Sounds like I have some things under control and some I have to work on.. Thanks for the info and as always totally what I could use!! Off to ‘work’ I go!!

  13. says

    Thank you Kimberly for all of the good information you keep giving us. I am so grateful there are people like you who are constantly here to help us all. Ilook forward to many more tips.

    Barbara Harnsberger

  14. says

    Kimberly, I have just installed Kasparsky after my husband endured a trojan virus in his computer. It is a crazy world and so important to be aware and cautious and as protected as possible.
    Dr. Erica

  15. says

    Kim, I’ve heard that before about not using admin as your username on a WP blog. But what if you already did that before you knew it wasn’t safe? Do you know of any way to change your username on a blog once it’s set? And if not, is there any other way of protecting yourself?

    Willena Flewelling

  16. says

    This is a real problem( Fortunetely such posts as yours exist and we can read them and find out all the necessary information about it. Thank you very much for it!

  17. says

    Thanks Kim. Those were helpful tips. I just added login lockdown to my blog and am going to work on my twitter account. I already had https added on my fb account. Its such a shame that there are so many idol people out there who have decided that the only thing they do to get busy is annoy and mess around with those of us who are busy doing something constructive. This was definitely helpful

  18. Anna says

    Nice point of view! You have summarized it very well. And now I will think about the “yucky people” Honestly, I haven’t thought about them before:)

  19. says

    Also, you can contact any of the three major credit reporting agencies if you suspect that anyone has gotten hold of your information and get a free 90 day alert placed on your credit report. Once you get a 90 day alert from any of the major credit agencies, they will automatically inform the other credit reporting agencies. It’s a really good free service that most people don’t even know about.

  20. AstroGremlin says

    I hope the bad people online will eventually tire and go back to street crime. Or maybe try to make an honest living.

  21. says

    Hi Kimberley,

    Thanks once again for helping us to rid the “annoyances” of yucky people! I will never get the reason why people do some of the stuff they do like spreading viruses, or infecting social media sights.

    Your instructions are clear and your tips are practical and helpful. I’m so glad we have you as our “go to” person to help with the technical difficulties, spamming, infections, or threats that come along. It’s nice not to have to deal with all of it and we know we can go to you for guidance and the heads up with all that relates to internet marketing. Thanks Kim! You are super cool!

    Raena Lynn

  22. says

    Thanks for the update Kim, I think you can never be too vigilant when online. The growing number of Yucko’s is on the rise and it is not a question of if… but more of a question of when something bad will happen to you. Changing passwords frequently is a good practice and using HTTPS for Twitter… couldn’t agree more!

  23. says

    im having fun reading the “yucky people” thing. haha and also, the post was good knowing that it tackles more about the security purposes and what should be done.

  24. says

    Thank you for posting this. I already had my facebook account on secure server I did not know about the others though. Like skype. I cringe knowing I could have fallen prey to that. Defrauders are just unfortunately getting better and better at making it worst for us. We have to always take the extra mile to protect ourselves.

  25. says

    I had the “bad blog about you” dm a couple of weeks ago. I had to change my password after that, but that was the worst of it, luckily. Thanks for the heads up!

  26. says

    I am always amazed at the proliferation of people who take the time for evil instead of good. Some of these people would do so much more for the world if they would change their attitude about life. Luckley for us Kim is on the side of good protecting us with her constant updates of what wickedness may be coming out way.

  27. says

    We’ve had trouble a few times with WordPress attacks so everyone here who thinks it won’t happen to them, stop thinking that way. We’ve had multiple hacks even though we’ve only got a 76,895 Alexa ranking.

    This isn’t something that only happens to the big dogs. Take advantage of all the awesomeness here! I know I will.

    Thank you Kim!

  28. says

    Thanks Kim,

    It is valuable being on your newsletter list because of very helpful info like this comes straight to my inbox. You are a star!

    I have recently cleansed my Skype contacts list to help prevent the spam.

    Aidan :)

  29. says

    Hey Kim,
    Great initiative to give us all these great tips to keep us safe from all that yukiness out there. The other day I recieved a skype message from a friend and i knew she was not the type of persone to ask me for money. The message was asking to deposit sixty dollars in her Paypal account and that she would pay me back in a week or so…

    I advised her right away and that was that. I’m sure there are more and more people becoming victims everyday. That’s why people like you are absolutly indispensable on the internet and in ones life ;)

    Thanks Kim, I will share this with as many people as possible!

  30. Anonymous says

    Some great tips here. Spammers are getting cleverer all the time in their attempts to seem like actual human beings- and it only takes one person you know to open a foolish link before it’s going all over your social network.

  31. says

    I can add here that Facebook has one going around that calls itself Facebook Security, but it looks like it is from a foreign country because the letters are not right. It looks to me like it was translated by some of that software out there. It advises that you must login via the link it provides and verify your account because you have done something illegal and you will be shut down. I got it twice, both times, the time passes and nothing happens so it is a scam and a Identity theft device, so no one else fall for that one. Facebook actually doesn’t send a warning, if you broke the rules your account is suspended.

  32. says

    I’ve seen lots of my friend that are in trouble with their FB accounts with auto publishing wall posts or msgs from their own accounts. It’s pretty hard to control it but if we already know any factors that we need to consider to avoid this to happen, we can at least avoid to be a victim.

Leave a Reply

Your email address will not be published. Required fields are marked *