- Associated Press - Wednesday, September 8, 2010

LOS ANGELES (AP) - The Twitterverse is full of far more mysterious forces than indecipherable trending topics and Lady Gaga.

There are people out there with dark, dastardly intents, as I learned when my account was hacked.

Now, anyone who knows me knows I love Twitter. I am a tweeting fool. I’ve tweeted from backstage at the Oscars and the red carpet at the Emmys. I’ve tweeted from baseball games and film festivals. I even tweeted from my hospital bed, sleep-deprived and loopy on pain meds, the day after giving birth to my son.

My husband often teases me: “Oh, sorry, didn’t mean to interrupt your Twittering, or whatever it is you’re doing.”

So yeah, I like social networking. And it’s not all narcissistic nonsense; I’ve never announced I was on my way to get a mani-pedi, for example.

But as the Associated Press movie critic, I’ll always link to my reviews and my colleagues’ good work, or I’ll retweet something funny from celebrities I follow, such as Jay Mohr ((at)jaymohr37) or Elizabeth Banks ((at)ElizabethBanks). I’ve made new friends through Twitter, like SportsIllustrated.com baseball writer Joe Lemire ((at)SI_JoeLemire, no relation), and stayed in touch with old ones, such as CNN’s Jackie Adams ((at)mochagurl).

So you can imagine how bummed I was last week _ and how violated I felt _ when I discovered someone had nabbed my Twitter feed and fired off about 100 tweets in a matter of minutes. Most of it was gibberish about drug charges, sex, the Galaxy Tab and Stephen Hawking. Some profanity, some weird trending topics. Lots of links, none of which I clicked on. It felt as if someone had broken in and rummaged through my stuff with their grubby little cyber paws.

Thankfully, the folks at the Twitter Trust & Safety Team noticed these uncharacteristic bursts of links and suspended my account even before I could get in there to change my password.

Here’s how I found out I’d been hacked: I was on vacation in New York with my husband and my 10-month-old, Nicolas, and had taken the baby to the Brooklyn Children’s Museum to let him escape the late summer heat and romp around. When I finally checked into Twitter from my phone amid the din and chaos of the museum’s cafe, I noticed I’d been pummeled with mentions and direct messages.

I thought, “Huh, I haven’t been doing anything too noteworthy today. These babies are really high-tech.” But then I realized they all said variations of the same thing: As (at)ProgGrrl put it so well, “Your account has been hacked, it’s spewing all sorts of rubbish at us.”

Obviously, anyone who follows me knows I wasn’t trying to sell cheap Viagra. I still felt horrible about inundating my fellow tweeps, even inadvertently. It’s just so obnoxious.

But I wasn’t the only one that day. As Trust & Safety director Del Harvey explained, I was one of several people attacked by a larger network of sites outside the United States. Many of those links sent out through my account went back to Canadian pharmacies.

My account may have been compromised through a process called phish-spam-phish, which Harvey said is one of the most common patterns on the Internet. A hacker will phish for usernames and passwords, then send out spam through those people’s accounts, then use links to phish for more.

It’s also possible that someone I follow on Twitter with a compromised account sent me a message with a link attached to it, then I clicked on it thinking it was something I could trust, and allowed access to my information that way.

Once Twitter suspended my account, I filed an appeal detailing what had happened, what my username is and when I last had access to it. Because this occurred over Labor Day weekend, it took them five days to reinstate me; ordinarily, they try to clear these things up in two to three days. But as Harvey explained, she has four or five people on her staff going through 800-900 complaints and reports of compromised accounts each day. San Francisco-based Twitter has 145 million users.

Story Continues →