How Twitter and Obama Got Hacked

Both Obama’s Twitter account and Twitter itself got hacked into. Can you believe that? Well, I read a great article on how the hacker did it.

This will amaze you, but hopefully it will inspire you to take action, too.

The hacker’s name is “Hacker Croll”. He’s a 20-something Frenchman who breaks into corporate and personal accounts in his spare time. Hackers like Croll are incredibly diligent and patient, as you’ll see here.

Hacker Croll shamelessly publishes the methods by which he gains access to accounts. To start with, he uses an entire network of sites to gather enough information to break into the target. He builds a database of information about the company and its employees, and keeps track of any information he can get his hands on, even the employees’ pets’ names.

As you continue to read this, keep Nicole Dean’s e-Book “How To Avoid Disaster” in the back of your mind. Can you really afford to be without it? http://danmorrismarketing.com/password

Hacker Croll knew that he probably only needed a single point-of-entry into any one of the business or personal accounts in his list. Since most sites are set up so that users log in with an e-mail address and password, once he got one, he likely could break into many. Why?

Because people generally use the same information for each site. Imagine if someone hacked into your e-mail account. Could they not go to any site on the web and press the “I forgot my username” button? Or the “I forgot my password” button? It is precisely this system that allows hackers like Hacker Croll to break your simple Hotmail password in order to break into your bank account.

Going back to Twitter, Croll knew that he only needed to find the weakest employee password to get into the network. Companies that allow their employees to come up with their own passwords are in jeopardy for precisely this reason. Unfortunately for Twitter, Croll found such an employee and was able to crack his Gmail account.

If you’re a business owner, you should know that because of human habits, someone could break into your server just by learning the password of an employee’s personal blog, e-mail service or Twitter account.

From there, Croll mined the Gmail account for more information about other sites the user was registered at. He quickly found that the employee used the same password at many sites. And in the case of “secret question” websites, he found it even easier to break in. Imagine trying to break into an account where there are a billion possible passwords, and then getting help from the secret question as it narrows the options down to “pet names”.

From this point Croll had access to all the employee’s email attachments, business notes, and important information. That led to him quickly taking over the accounts of the founders Evan Williams and Biz Stone. Croll then got control of their AT&T, Amazon, iTunes and MobileMe accounts.

He got access to over 300 business documents, which he sent directly to the media to prove he’d broken in. In this case he didn’t steal the secrets or hurt anybody. He did what he wanted to do – expose weakness. He even sent them a note that said “better fix your holes, or someone malicious will break in next time.”
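The chain described above (one reused password, then “forgot my password” links landing in a mailbox that is already compromised) can be checked on your own list of accounts. This is an added example, not part of the article it summarizes; the account names and password-reuse labels are constructed for illustration.

```python
from collections import deque

# Constructed inventory for illustration; none of these names come from the incident.
# "pw" is a reuse label (e.g. from a password manager's reuse report), never the
# password itself. "recovery" is the mailbox that receives the account's reset links.
ACCOUNTS = {
    "personal-mail": {"pw": "p1", "recovery": None},
    "work-mail":     {"pw": "p1", "recovery": "personal-mail"},
    "hobby-blog":    {"pw": "p1", "recovery": "personal-mail"},
    "domain-admin":  {"pw": "p2", "recovery": "work-mail"},
    "cloud-storage": {"pw": "p3", "recovery": "work-mail"},
    "payroll":       {"pw": "p4", "recovery": "finance-mail"},
    "finance-mail":  {"pw": "p5", "recovery": None},
}


def blast_radius(accounts, entry):
    """Return {account: reason} for everything exposed once `entry` is compromised."""
    exposed = {entry: "entry point"}
    queue = deque([entry])
    while queue:
        current = queue.popleft()
        for name, info in accounts.items():
            if name in exposed:
                continue
            if info["pw"] == accounts[current]["pw"]:
                exposed[name] = f"same password as {current}"
            elif info["recovery"] == current:
                exposed[name] = f"reset link goes to {current}"
            else:
                continue
            queue.append(name)
    return exposed


def rank_entry_points(accounts):
    """Sort accounts by how many other accounts fall if that one is compromised."""
    sizes = {name: len(blast_radius(accounts, name)) - 1 for name in accounts}
    return sorted(sizes.items(), key=lambda kv: (-kv[1], kv[0]))


def with_unique_passwords(accounts):
    """Same inventory after giving every account its own password."""
    return {n: {**info, "pw": f"unique-{n}"} for n, info in accounts.items()}


if __name__ == "__main__":
    print("as-is: ", rank_entry_points(ACCOUNTS))
    print("unique:", rank_entry_points(with_unique_passwords(ACCOUNTS)))
```

With unique passwords the hobby blog exposes nothing else, but the personal mailbox still exposes every account that recovers through it, so the mailbox is the account to protect first.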

Regina Smola, of WordPress Security Lock, and I are putting on an internet security seminar March 31st. We’re going to be teaching you everything you need to know about keeping your WordPress blog and Twitter account safe and secure. And how to recover from problems should they occur. If someone hacking into your accounts will put you at risk, you and your employees need to join us!

Take Action today. Go to http://danmorrismarketing.com/security – This is one problem where waiting could be too late.

Integrating Twitter into Your Business Model

Today I spoke to Terri Brooks with the Social Media T Room about integrating Twitter into Your Business Model. We covered the three basic business models used on Twitter and some contingency planning tools to keep your business account secure.

The primary model on Twitter is the One User One Account model. This is the most “respected” model, where you spend most of your time (your Twitter time, that is) tweeting live, responding to others, retweeting others’ comments and generally building relationships. It is this model you’ll read about most.

To make this happen, go to twitter.com and set up a Twitter account. Done.

The second model I call the Broadcast Model, and I would consider it a tool most closely related to advertising on radio. Basically, a Broadcast Model Twitter account is an autopilot account that both auto-follows and auto-tweets messages.

What makes this better than radio is the ability to follow people who use specific keywords. In radio you try and align your target audience with the kind of radio station they’re listening to. Very unscientific. Suppose you could build a Twitter list of 10,000 people who’ve mentioned wine, and 6,000 of them follow you back. That’d be a great start for a company in the wine industry.

I started using this for my Twitter Problems account and it gets retweeted more than anything else I do. Useful?

To make this happen you have two basic steps. Get a Twitterfeed account and follow the instructions there. This is the service that will auto-tweet news and information related to your industry. 

Finally, the third basic model for business Twitter accounts is the multi-user account. I’m going to break this into two separate purposes.

twitter.com/predfans uses the first purpose brilliantly. Suppose you want to tweet about the Predators Hockey team a lot but know that many of your followers are going to be turned off by this. Using a service like retweetbot.com, you can tweet directly to predfans and ONLY people who follow Predfans will see that tweet. This would be great for a conference. People interested in the Predators or in your conference could then follow one account and see all the relevant tweets.

Cotweet.com specializes in this as well. They want you to have one Twitter account for your business. But that one account shows Tweets from multiple people in the company. For instance if you’re the local Zoo, the dolphin handler could be a tweeter, the guy who scoops the elephant dung could tweet and the marketing guy could tweet. But the public would only have to follow the one zoo account to see all those tweets.

To make this happen, check out retweetbot.com and cotweet.com. All the necessary instructions are there.

So what do you think? Which kind do you prefer? Do you see the benefits and drawbacks from each?

The Money is Not in The List

The money is not in the list. How many times have you heard that? I suppose there’s someone out there using that headline just to attract traffic. But the truth is the list itself is not that important.

If the list were all that mattered, then the richest people would be those with the biggest lists – the spammers. But when was the last time you saw a “spammer” interviewed on Oprah? No, the list may not mean anything at all. The money is in the manner you grew your list, if that is supported by the value you provide afterwards.

Dave Ramsey, the financial guy, thinks everyone should have to experience “killing your food and dragging it home”. Basically, the entrepreneurial life. Until you’ve worked on commission, which every entrepreneur does, it’s hard to equate work with money.

Internet marketers are in the business of dragging home their dinner. In fact, the income of the internet marketer is directly proportional to the amount of value he creates. (or she. . .sorry. There should be a word that means he/she) That’s the key right there.

The money is not in the list. It’s in the value you provide to the list. If you keep your customers’ goals in mind – and help them achieve their goals. . . you’re providing value, creating trust and opening the door to sales.

The hard part is knowing what your customers’ goals are. Suppose you have a hobby site – like bird watching or knitting. What are your customers’ goals then?  That’s what you have to explore. . .and foster and ultimately find the solutions to. If all they want to do is look at photos of pretty barn quilts – then that’s what you should be giving them.

When you become the solution to their goals, you can give them the do-it-yourself information and offer the expedited version. The money. . . is in their pockets.

How do you use your list? Is it successful? Leave a comment.

Ignite Nashville 2010 - My World Domination Presentation

So you may have caught my blog post earlier this week about the formula for world domination. If you didn’t, then scroll down a bit – it’s down there. I had so much fun thinking about it, I decided to turn it into my Ignite Nashville presentation. So here’s my “test” run-through to make sure I understood what to say in each slide.

If you didn’t make Ignite Nashville this spring, check out BarCamp Nashville in the fall! Lots of fun. And to see the live performance, check out the Ignite Nashville website.
