Warning Twitter Users! Do Not Use Twply.com!

by Cliff Ravenscraft on January 2, 2009

Are you an early adopter like me?
If you use twitter, you may have recently seen a post from a friend of yours that said “Just started using http://twply.com/ to get my @replies via email. Neat stuff!”

Being the early adopter that I am, I thought it sounded great. I miss the “tracking” feature where I used to get sms updates when someone sent me an @reply on Twitter. So what did I do? I went to the site and checked it out. When I got there, I saw an extremely vague website.

In fact, there are no links at all on the site to explain how the service works. There’s not even a privacy statement! Instead, at the top of the page, it simply asks you to give them your Twitter Username and Password with the phrase “Your password is safe with us. No worries!”

I THINK NOT!

Don’t do it people! There are ways that this type of service can be done without needing your password! Just below the username and password fields, there’s a question that says “Support Twply on your first login?” There are two radio buttons where you can choose to answer “Yep, go ahead!” or “No thanks!”

That’s all it says. When I read it, I’m thinking they are asking for donations! Right?

NOPE!

Basically, what happens is that if you click “Yep, go ahead!,” without notifying you, the service LOGS INTO YOUR TWITTER ACCOUNT and makes a post ON YOUR ACCOUNT saying “Just started using http://twply.com/ to get my @replies via email. Neat stuff!”

As it turns out, this is what the author of the site considers supporting Twply on your first login. Two things have obviously happened. The site is gaining a massive number of new users every minute. Why? Well, I have about 1,600 people who follow me on Twitter. Over time, I’ve developed a relationship of trust with most of them. If they were to see a message from me giving such a glowing endorsement of a site that says I just started using this service, please come check it out, people would respond.

But what about the password? One might hesitate, but through this “social engineering” marketing plot, people are giving away their passwords by the droves! Why? Well, go back to the hypothetical scenario I gave before. People might say, “Well Cliff obviously trusted them enough with his password” and knowing that someone they “TRUST” sent a message saying the service is good, and then you see that it says.. “Don’t worry, your password is safe with us!” Well, people just type it in and move forward through the process.

So what’s the big deal? 1) They have your password and shouldn’t need it to do the service they are doing! 2) They don’t explain what “supporting them” means. (There is a difference between supporting a service and endorsing a service!) 3) There’s no privacy policy. 4) They send out a tweet in the “first person” as if YOU were the one endorsing the site! 5) Read on, because it gets worse!

YOUR INFORMATION HAS BEEN SOLD!
I’m not kidding. You can see this “FOR SALE PAGE”. In the information about the site, they write “All advertising is running through word of mouth on twitter, we used a very different method. The method is not loved by everyone but we clearly ask on the homepage whether to use it or not. If they choose to “support us” then a message with the link of twply will be sent out to the users.”

The worst part is that the site actually sold! That’s right, access to literally thousands of Twitter accounts just sold for a measly $1,200.00.

I could go on and on about this one. However, I don’t think I need to say any more to convince you that this is one site that you don’t want to be an early adopter on! Have you already given them your Twitter ID and password? CHANGE YOUR PASSWORD IMMEDIATELY!

As for your email address, I wouldn’t be surprised if you see a bit of increased spam traffic coming in as a result of the sale of this site!

  • Hey Cliff-

    You're absolutely right that there's no reason you need to surrender your password for the sake of an emailed reply service.

    I'm getting good results from tweetreplies.com, and all they asked for was Twitter username, and the email where I wanted replies sent.

    Thanks for the warning on Twply.
  • @Amy - Not a bad idea to change those passwords every now and then anyway.. But with the way that Twitter's API works, it stinks that when you change the password, it breaks about five other useful twitter tools that we do trust.

    @JoeLampl & @John - It's an easy one to fall for. Hopefully some other method of verification can be worked out as mentioned by @RyanPrice above.

    @RyanPrice & @R. Alexander Spoerer - I'm totally with you! They need to wake up and smell the coffee!

    @KimFenolio - Thanks for the info on another possible service!
  • Cliff, many Twitter 3rd party sites use tactics like this. I don't like it nor will I choose to "support" one that does.

    A year or so ago I found a site called http://www.TwitterMail.com/ and they do a fine job of keeping me up on my @replies. It's not as timely as I'd like, but I tend not to miss anything this way. It emails me a daily summary of those who @kFenolio me with the full tweet and other person's username.
  • This is ridiculous. When will Twitter close these holes and either add some of these features in or provide a way for 3rd party services to interact with Twitter without having to give our user name and password?
  • What you've really uncovered here is a fundamental problem with twitter. By failing to support authentication methods like OAuth (works a lot like the Flickr authentication for 3rd party services, or FireEagle if you're familiar with that), Twitter forces all these sites to gather usernames and passwords, and leaves holes open for the bad guys or people who just want to spam your friends. Several twitter sites I've seen recently all have that "support X" feature.

    Any site you give your username and password to has full permission to do whatever they want - including change your password. Don't give out your password to anyone - anywhere - ever. It's that simple.
  • Thanks Cliff! I would have probably used this service had you not warned me. I love twitter applications like tweetlater.com
  • What a great heads-up Cliff. Thanks so much for bringing this to our attention. I for one might have taken the bait had it not been for your timely advice! Keep up the great work!
  • Amy
    Thank you Cliff! I have changed my password immediately! :)
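
The contrast the post and the OAuth comment above draw, as an added example that is not part of the original post or its comments: a simplified model of scoped, revocable delegation next to password sharing. It is not the OAuth protocol or Twitter's API; `Account`, the scope names and the app names `reply-mailer` and `scheduler` are hypothetical.

```python
import secrets

class Account:  # constructed stand-in for a Twitter account; not Twitter's real API
    def __init__(self, password):
        self._password = password
        self.tweets = []
        self.mentions = ["@cliff great episode!"]  # constructed sample data
        self._grants = {}  # token -> (app name, granted scopes)

    def rights_with_password(self, password):
        """Password sharing: whoever holds the password holds every right."""
        if not secrets.compare_digest(password, self._password):
            raise PermissionError("bad password")
        return {"read_mentions", "post_tweet", "change_password"}

    def grant(self, app, scopes):
        """Delegation: the user approves scopes; the app never sees the password."""
        token = secrets.token_urlsafe(16)
        self._grants[token] = (app, frozenset(scopes))
        return token

    def revoke(self, app):  # cuts off one app; password and other tokens untouched
        self._grants = {t: g for t, g in self._grants.items() if g[0] != app}

    def _require(self, token, scope):
        app, scopes = self._grants.get(token, ("unknown app", frozenset()))
        if scope not in scopes:
            raise PermissionError(f"{app} lacks scope {scope!r}")

    def read_mentions(self, token):
        self._require(token, "read_mentions")
        return list(self.mentions)

    def post_tweet(self, token, text):
        self._require(token, "post_tweet")
        self.tweets.append(text)

def demo():
    acct = Account("constructed-password")
    mailer = acct.grant("reply-mailer", {"read_mentions"})
    scheduler = acct.grant("scheduler", {"post_tweet"})
    mentions = acct.read_mentions(mailer)         # the service's actual job
    refused = None
    try:
        acct.post_tweet(mailer, "Neat stuff!")    # the unrequested endorsement
    except PermissionError as exc:
        refused = str(exc)
    acct.revoke("reply-mailer")                   # no password change needed
    acct.post_tweet(scheduler, "scheduled post")  # the other tool keeps working
    return mentions, refused, acct.tweets
```

With a read-only grant the reply service can still do its job, the endorsement tweet is refused, and revoking one app leaves the other tools working, which is the breakage the password-change advice causes.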