Skip to main content

Twitter addressing security problem, introduces DMARC to prevent email phishing attacks

twitter email securityThere are a few ways to obtain access to someone’s Twitter account information, and phishing is one of them. Twitter, like many mailing services you’ve signed up for, probably emails you a daily digest or weekly digest about the latest activities from the people you follow. After a while, you’ll stop noticing the email address of the sender. And skipping this momentary glance is all it could take to hand your account information to a hacker. To curb these instances where email recipients can be tricked, Twitter is introducing DMARC.

Sometimes it’s not easy to figure out if an email is legitimate or not. DMARC, or Domain-based Message Authentication, will soon take the guess work out of what’s safe and what’s not safe to read in an email since the software will be able to recognize whether or not the perpetrating email is a phishing attempt in an instant.

Recommended Videos

This rather new technology prevents emails from addresses that might look similar to the real thing from showing up in your inbox in the first place. These types of email addresses are set up to phish you of your account info. For instance, if you see an email from support.twitter.com asking you to type in your account info, you should know to delete the email and report it, as Twitter will never ask you for such information. 

Twitter “postmaster” Josh Aberant, dives a little deeper and explains how DMARC works:

“DMARC solves a couple of long-standing operational, deployment, and reporting issues related to email authentication protocols. It builds on established authentication protocols (DKIM and SPF) to give email providers a way to block email from forged domains popping up in inboxes.”

Aberant notes that DMARC, while still in its infancy, has already been adopted by the major email providers including AOL, Gmail, Outlook, and Yahoo! Mail so the service is a start to helping users protect themselves outside of Twitter’s own Web and mobile clients. Unfortunately many users would prefer that Twitter work on improving its in-app security since the social network has been having something of a security problem recently.

Be warned, even with the DMARC in place, you are still in charge of keeping yourself safe from hacker – so don’t get too comfortable and keep an eye out for suspicious emails.

Topics
Francis Bea
Former Digital Trends Contributor
Francis got his first taste of the tech industry in a failed attempt at a startup during his time as a student at the…
Hey @Jack Dorsey, decentralizing Twitter won’t solve hate speech problems
Twitter CEO Jack Dorsey at CES 2019

Twitter CEO Jack Dorsey floated a compelling possibility on Wednesday: He wants to put together a team to explore decentralizing Twitter.

https://twitter.com/jack/status/1204766078468911106

Read more
I paid Meta to ‘verify’ me — here’s what actually happened
An Instagram profile on an iPhone.

In the fall of 2023 I decided to do a little experiment in the height of the “blue check” hysteria. Twitter had shifted from verifying accounts based (more or less) on merit or importance and instead would let users pay for a blue checkmark. That obviously went (and still goes) badly. Meanwhile, Meta opened its own verification service earlier in the year, called Meta Verified.

Mostly aimed at “creators,” Meta Verified costs $15 a month and helps you “establish your account authenticity and help[s] your community know it’s the real us with a verified badge." It also gives you “proactive account protection” to help fight impersonation by (in part) requiring you to use two-factor authentication. You’ll also get direct account support “from a real person,” and exclusive features like stickers and stars.

Read more
Here’s how to delete your YouTube account on any device
How to delete your YouTube account

Wanting to get out of the YouTube business? If you want to delete your YouTube account, all you need to do is go to your YouTube Studio page, go to the Advanced Settings, and follow the section that will guide you to permanently delete your account. If you need help with these steps, or want to do so on a platform that isn't your computer, you can follow the steps below.

Note that the following steps will delete your YouTube channel, not your associated Google account.

Read more