New Twitter Exploit Allows Spammers To Add Themselves To Your Following List Without Your Permission

Every since the mass nuking of my Twitter following list, I’ve been playing a lot more attention to who I add. I had rebuilt my new list up to 113 users. However, when I went to check the list just now, I noticed that the list contain 115 users. Two users who I don’t know got added to my following list without me knowing or giving permission.

I would have never noticed this before when I had a policy of following everyone who followed me. But it seems spammers have found an exploit that allows them to add themselves to your following list without your permission. After they get on your following list, they would then send you @reply or DM spam. Unless you are following very few people, like I am now, you may not notice that your following list could have a bunch of spam accounts on it.

Hiding Behind Private Updates

Twitter Spam

The two spam accounts that got added to my list both have private updates enabled. This means you must be following them in order to see their tweets. The reason for putting the account on private is to make it harder for users to report them as spammers. If you can’t see the updates, then you don’t know if their tweets are spam or not. Judging by the last tweets from the two accounts above, I say they’re owned by the same spammer.

I would be interested to know if this has happened to you? Are there people on your following list that you never added yourself? Let’s hope Twitter find and close this exploit real quick. I’ve already deleted 10 accounts on my following list that I never added.