Protecting Yourself From Yucky People! (Social Account Security)

October 18, 2011 · 60 comments

in Other Social Media

Protecting Yourself From Yucky People! (Social Account Security)

caution, hard hat imageProtecting Yourself From Yucky People!

The world, and thus the internet, has its share of scoundrels… or “yucky people” as I heard some cute four-year old put it yesterday..

Here’s a collection of tips to help you this week, focused on how to protect your social media accounts from hacking/phishing attacks.


The “bad blog about you” direct message and the “funny picture of you” direct message going around is a phishing scam and will grab your credentials and spam on your behalf. If you’ve been affected (or just want to be cautious), change your twitter password (make it secure) and go into the settings and enable HTTPS, which will help reduce the number of phishing attacks that can “get you”.

- Here’s how to enable HTTPS for Twitter

- Here’s how to block many Twitter DMs (though sadly this does not work for the infected sort)

PS: As a general rule, don’t open links in DMs


Infected links are ALSO a problem on Facebook and can easily phish your login credentials.

- Here’s how to enable HTTPS for Facebook

- Here’s six signs a link on Facebook is Infected to help you get a “feel” for the red flags (most also apply to twitter)


There are three primary routes of infection on Skype…

1) A seemingly benign “would you check this post out” type message from a friend … with an infected link. These are really sneaky. I will often ask a friend if they just sent me a link and what it’s about before I open it, if it comes with an inadequate message.

2) A text-based notification that your system is infected and you need to click a link to clean it up.

3) A audio-call from any account you don’t recognize, that often is pretending to be “official” using things like “Security Notice” and “Skype Notifications” that instruct you to follow steps to secure your account but actually get you infected.

Block infected fake-accounts and mark them as spam.


There’s a lot to learn about WordPress security, and it starts with simple things like using an account NOT named “admin” and having a secure unique password. Two plugins I like are “Login Lockdown” and “WordPress Firewall” (many still prefer the original, but that may not always be true going forward). There are lots of good plugins, use a few but don’t install them all!

You can learn a lot of easy to apply WP security from John Hoff, at WordPress Defender. Grab a copy of his ebook and you will not only learn the basics, but he also sends out emails when things are amiss.


Run a high quality, user-friendly antivirus. I don’t class Norton or McAfee in that category due to ongoing issues over the years. AVG, Avast, Kaspersky, NOD, and others are all better choices.

Use a router between your computer and your modem. A router helps minimize certain attacks if you do not have a true firewall. Don’t use Internet Explorer.

Keep Windows up to date with security updates.

Be sure to keep Adobe Reader, Java, Flash, Visual Studio, & Windows core files all up to date. Many, many, many infections are picked up by vulnerabilities in these apps. (I can’t tell you how many people I know with old versions of Reader.)

PS: Today, even Macs are vulnerable to several types of infections and for the novice user a good antivirus is still recommended.


Yeah, it’s unfortunate that the world DOES have “yucky people” in it but fortunately with some basic tips you can greatly improve your ability to keep going on about your business without their interference!

I look forward to your thoughts and comments below. Let me know your favorite tips for protecting your business accounts online!

Kimberly Castleberry
Your Partner In Online Success

Get The Inside Scoop!
social tripletKeep up with all the latest social marketing changes!

{ 60 comments… read them below or add one }

jamesstrock October 18, 2011 at 10:23 am

Excellent points! Thanks for summary of these options. Especially helpful to have your guidance on the Word Press issues. It’s hard to know which of the plug-ins to choose, with so many choices.


Marc Korn October 18, 2011 at 10:36 am

Hi Kim,

Thanks for sharing these tips.

Sadly, there are many “yucky” people out there and it seems to get worse, not better.

But, these tips and precautions are ones that we should certainly take along with a good old healthy dose of common sense.

Most people choose to see only the good in others and fall prey to these attacks.

Luckily for me, I am a born skeptic and NEVER trust these things, so I’m usually not effected, but we can’t be too secure and should always take added precautions.

Thanks for continuing to keep us safe online,


Kimberly Castleberry October 18, 2011 at 12:07 pm

Hey Marc, like you I too am a born skeptic but I’ve been bit a time or two myself. Ya know I’m still trying to figure out if the DM going around twitter about the “marketing code” is infected or just a whole bunch of people that have been suckered. I keep poking that one with a stick! Sometimes the hornets nests I poke bite me back but it’s still interesting to study them.

It’s wonderful that some people still inherently trust in the good will of others – yet at the same time I’d like to make those same people just a little better educated so they can sense when trouble might be afoot. It’s just better that way!

Thanks as always!


Richard Goutal October 18, 2011 at 10:42 am

Wondered about that DM I got about a bad blogpost about me! Yes I clicked it before I even thought about it! Dang! I consider myself extremely skeptical, but that one was a fakeout. OK, thanks Kim. Changed my twitter password.


Kimberly Castleberry October 18, 2011 at 12:09 pm

If this was basketball, some of these fakeouts would be as renowned as Michael Jordan was for his! I’d go ahead and enable HTTPS too if you haven’t done so already. However, I haven’t seen anything nefarious come from your twitter account and I think we’re following each other so you may be okay :)


Sherryl Perry October 18, 2011 at 10:49 am

As always, great tips here Kim. I agree with you about anti-virus programs. Years ago, both Norton and McAfee were in the forefront but I wouldn’t recommend either of them anymore. Personally, I use Kaspersky.

Keeping your core files upgraded is an excellent tip. Just yesterday, I discovered that both Microsoft Bing and Yahoo searches for Flash Player are spreading malware links‎. I always recommend going directly to the vendor’s site and then downloading the update. Don’t follow links.


Nik October 18, 2011 at 11:17 am

Hi Kim,

Your post comes at the right time. It looks like someone somewhere has spend a lot of time rebuilding a fake twitter registration page to get you duped in giving your details. I wonder what is in the job descriptions of these people.

I probably need to read up more on WP security.


Marilyn October 18, 2011 at 11:35 am

Thank you Kim! This has been a problem for many this past few months. You are always right on time though….Hugs


marquita herald October 18, 2011 at 11:50 am

Great tips Kimberly – I’ve taken care of FB and Twitter, and my new mission in life is to stop feeling helpless and get serious about learning how to protect my blog from the bad guys. Thanks!


Melodie Kantner October 18, 2011 at 1:12 pm

Thanks for this post. I have been seeing a lot of those bad blog about you messages. I figured it was bad news so I didn’t bite. Thankfully. These yucky people are getting wearisome to deal with.


Harleena Singh October 18, 2011 at 1:29 pm

Hi Kim,

Those are some wonderful tips! I needed some for WordPress as I recently shifted my blog from Blogspot to WP, and these sound awesome. I love the links shared in the post as well.

Thanks for sharing :)


Lani - Aloha October 18, 2011 at 2:14 pm

Aloha Kim, thanks for the heads up on protecting our computer from yucky people. I found your post to be informative and of course you have assisted me with some issues I ran into and got it fixed. Keep it going! Glad I came by and thanks for sharing! Lani :)


Miss Leslie October 18, 2011 at 3:43 pm

I’ve gotten those Twitter emails in my spambox before, but I got something different today. It said my account had been suspended ‘for aggressive following and tweeting….Following large numbers of users and tweeting too much in an attempt to attract attention to your own account can be annoying to other users and is a violation of the Twitter Rules’ followed by a link to Twitter rules. It then said, ‘To avoid account suspension just complete our twitter free offers below……’ followed by a link. I sent it to and marked it as spam. The crooks are always thinking …

Wishing you a song in your heart,
Miss Leslie @ Music with Miss


Francis McGrath October 18, 2011 at 5:33 pm

Hi Kimberley.
While that is all the technical stuff I often find that the real issue is that people do not value themselves highly enough to do this for themselves as a matter of course.
We need to behave as if our time was valuable and put steps in place to stop this before is becomes a problem. This is what a person with a millionaire mindset would do!


Kay Wilson October 18, 2011 at 7:02 pm

Hey lady saved my butt again, thanks for sharing;)


Holly October 18, 2011 at 9:45 pm

Sounds like I have some things under control and some I have to work on.. Thanks for the info and as always totally what I could use!! Off to ‘work’ I go!!


Barbara Harnsberger October 18, 2011 at 9:49 pm

Thank you Kimberly for all of the good information you keep giving us. I am so grateful there are people like you who are constantly here to help us all. Ilook forward to many more tips.

Barbara Harnsberger


Dr. Erica Goodstone October 18, 2011 at 10:15 pm

Kimberly, I have just installed Kasparsky after my husband endured a trojan virus in his computer. It is a crazy world and so important to be aware and cautious and as protected as possible.
Dr. Erica


Willena Flewelling October 19, 2011 at 2:04 am

Kim, I’ve heard that before about not using admin as your username on a WP blog. But what if you already did that before you knew it wasn’t safe? Do you know of any way to change your username on a blog once it’s set? And if not, is there any other way of protecting yourself?

Willena Flewelling


Jeanie October 19, 2011 at 3:27 am

This is a real problem( Fortunetely such posts as yours exist and we can read them and find out all the necessary information about it. Thank you very much for it!


Liz K October 19, 2011 at 9:34 am

Thanks Kim. Those were helpful tips. I just added login lockdown to my blog and am going to work on my twitter account. I already had https added on my fb account. Its such a shame that there are so many idol people out there who have decided that the only thing they do to get busy is annoy and mess around with those of us who are busy doing something constructive. This was definitely helpful


Anna October 19, 2011 at 11:54 am

Nice point of view! You have summarized it very well. And now I will think about the “yucky people” Honestly, I haven’t thought about them before:)


Richard October 19, 2011 at 10:18 pm

Also, you can contact any of the three major credit reporting agencies if you suspect that anyone has gotten hold of your information and get a free 90 day alert placed on your credit report. Once you get a 90 day alert from any of the major credit agencies, they will automatically inform the other credit reporting agencies. It’s a really good free service that most people don’t even know about.


AstroGremlin October 19, 2011 at 11:27 pm

I hope the bad people online will eventually tire and go back to street crime. Or maybe try to make an honest living.


Raena Lynn October 20, 2011 at 12:20 pm

Hi Kimberley,

Thanks once again for helping us to rid the “annoyances” of yucky people! I will never get the reason why people do some of the stuff they do like spreading viruses, or infecting social media sights.

Your instructions are clear and your tips are practical and helpful. I’m so glad we have you as our “go to” person to help with the technical difficulties, spamming, infections, or threats that come along. It’s nice not to have to deal with all of it and we know we can go to you for guidance and the heads up with all that relates to internet marketing. Thanks Kim! You are super cool!

Raena Lynn


Annie October 20, 2011 at 2:34 pm

I’ve gotten a few of those on Twitter, and they’re usually pretty obvious but I can see how someone could get duped!


Julia Serafina October 20, 2011 at 8:47 pm

Thanks for the update Kim, I think you can never be too vigilant when online. The growing number of Yucko’s is on the rise and it is not a question of if… but more of a question of when something bad will happen to you. Changing passwords frequently is a good practice and using HTTPS for Twitter… couldn’t agree more!


Crescele October 20, 2011 at 9:16 pm

im having fun reading the “yucky people” thing. haha and also, the post was good knowing that it tackles more about the security purposes and what should be done.


reese October 20, 2011 at 9:21 pm

Thank you for posting this. I already had my facebook account on secure server I did not know about the others though. Like skype. I cringe knowing I could have fallen prey to that. Defrauders are just unfortunately getting better and better at making it worst for us. We have to always take the extra mile to protect ourselves.


Chester Delameter October 21, 2011 at 10:30 am


It’s always great to come to your blog. I have learned so much and I try to share it with others who need help.
Thanks for all that you do!!!

Have a Great Day


reeha October 22, 2011 at 2:21 am

I shifted my all the blogs from blogspot to Worldpress and it works wonder for me. thanks for this useful post.


Sadie-Michaela Harris October 22, 2011 at 2:02 pm

Important information delivered in an easy to digest concise manner for which I am always grateful to Kim :)


Rosalind October 23, 2011 at 8:12 am

I had the “bad blog about you” dm a couple of weeks ago. I had to change my password after that, but that was the worst of it, luckily. Thanks for the heads up!


Joyce Edwards October 23, 2011 at 12:11 pm

I am always amazed at the proliferation of people who take the time for evil instead of good. Some of these people would do so much more for the world if they would change their attitude about life. Luckley for us Kim is on the side of good protecting us with her constant updates of what wickedness may be coming out way.


anne perez October 23, 2011 at 2:37 pm

thanks for the info – It’s frustrating when you get people who take enjoyment out of harming others but that’s the world we live in.


Lewis LaLanne aka Nerd #2 October 24, 2011 at 7:01 pm

We’ve had trouble a few times with WordPress attacks so everyone here who thinks it won’t happen to them, stop thinking that way. We’ve had multiple hacks even though we’ve only got a 76,895 Alexa ranking.

This isn’t something that only happens to the big dogs. Take advantage of all the awesomeness here! I know I will.

Thank you Kim!


Aidan Gibson October 25, 2011 at 11:47 am

Thanks Kim,

It is valuable being on your newsletter list because of very helpful info like this comes straight to my inbox. You are a star!

I have recently cleansed my Skype contacts list to help prevent the spam.

Aidan :)


Nathalie Villeneuve October 25, 2011 at 1:50 pm

Hey Kim,
Great initiative to give us all these great tips to keep us safe from all that yukiness out there. The other day I recieved a skype message from a friend and i knew she was not the type of persone to ask me for money. The message was asking to deposit sixty dollars in her Paypal account and that she would pay me back in a week or so…

I advised her right away and that was that. I’m sure there are more and more people becoming victims everyday. That’s why people like you are absolutly indispensable on the internet and in ones life ;)

Thanks Kim, I will share this with as many people as possible!


Anonymous October 26, 2011 at 9:07 am

Some great tips here. Spammers are getting cleverer all the time in their attempts to seem like actual human beings- and it only takes one person you know to open a foolish link before it’s going all over your social network.


Lynda Cromar October 27, 2011 at 11:19 am

I can add here that Facebook has one going around that calls itself Facebook Security, but it looks like it is from a foreign country because the letters are not right. It looks to me like it was translated by some of that software out there. It advises that you must login via the link it provides and verify your account because you have done something illegal and you will be shut down. I got it twice, both times, the time passes and nothing happens so it is a scam and a Identity theft device, so no one else fall for that one. Facebook actually doesn’t send a warning, if you broke the rules your account is suspended.


Rob Benwell October 27, 2011 at 7:17 pm

Superb post. I’m a Wordpress baby so it really helps me a lot. Thanks!


Tracey Phillips (Bridal Designs) wedding jewellery bridal jewellery October 28, 2011 at 2:50 pm

Thanks for publicising this, I have had so many of these DM’s on twitter this week, the more people know not to click on them the better!


Chris October 29, 2011 at 5:08 pm

I’ve seen lots of my friend that are in trouble with their FB accounts with auto publishing wall posts or msgs from their own accounts. It’s pretty hard to control it but if we already know any factors that we need to consider to avoid this to happen, we can at least avoid to be a victim.


Noel Addison November 23, 2011 at 9:46 am

Thanks for this friendly reminder Kim. We must all ensure that our personal social account are protected.


Leave a Comment

CommentLuv badge