Sunday, Sep 11, 2011

Phishing: Nothing is as it appears

I posted this a year and a half ago, but it was brought up again and has become a focus of mine again, so I'm publishing it here. This was previously posted on http://brandonweir.posterous.com.

For those being phished on Twitter / World of Warcraft / Facebook: if you only follow people you know, then you won't get these DMs for the most part (you might if their account gets compromised, but that doesn't happen that often). Never trust links that ask for anything. Always go to the source to validate instead of using any information provided by the message. Assume everything is a con. "Better safe than sorry" applies to everything on the internet if you want to be safe.

Don't follow people you don't know. I know Twitter is about conversing with people you don't know, but that charm can also be very dangerous. Always assume that someone asking for any and all information from you will do something bad with it. Being paranoid will keep you much safer on the Internet. If someone direct messages you asking any of the following, assume they are trying to phish you:

- for your password

- telling you your account will be banned unless you give them your information

- that your account is suspected of being hacked

- to log in to a specific website

- is this you in this picture

- general information mentioning nothing specific but asking a favor

- who your mother is (mother's maiden name is used a lot and can get you into lots of things it shouldn't)

- you could win (insert bullshit prize here) if you go to this website

- we are giving away (insert bullshit prize here) for the first X customers

I know some of these requests seem pretty normal, but that is exactly what the sender is counting on. They want you to be concerned by the information they are presenting and then follow their directions to avoid problems (or they want you to click something that downloads a virus and just takes your information).

Just be safe, people. I'll close with 2 stories.

I had to help my girlfriend (@DanielleP) delete an email account that had been compromised tonight. It was an old account that used a nickname she doesn't like anymore, so the deleting was the easy part. She had a Hotmail account that had been accessed by someone else because she logged into an old system at one of her job sites that runs Windows 98 and has a virus or keylogger on it. They sent out hundreds of spam emails. I at first thought she was being spoofed, but all the sent mails were in her inbox. She is forwarding the emails she needs to keep to her new account with a new password. She has been instructed to also change any other passwords that she may have used on any machine at that job site. She lost about 3 hours of time thus far doing this. Be safe, it saves time.

About a month ago I received an email from someone saying that my account had been banned from World of Warcraft. The email was all in text with no links within the email. I had an inactive account at the time, and the email address in question was the one bound to my WoW information. This caused me to worry about 2 things: my credit card attached to the account and the account in general. I went right to Blizzard's website (the company that produced / owns World of Warcraft) and grabbed their customer support number. I was on the phone waiting for a customer service employee when I was re-reading the email. I then noticed the website mentioned at the end of the email was not worldofwarcraft.com but some other website that was very, very similar. Because I went right to the source to find a solution, I was OK. But if they had a phone number in there, I could have just as easily fallen victim to their scam. Go to the source, or Google portions of the email and see what other people are saying about it. For more information please check http://en.wikipedia.org/wiki/Phishing.
