Beware of the subtleties of Password Highjacking

Beware of the Subtleties of Password High Jacking. This pop-up is asking for your Twitter ID and Password.

Does Your Computer have a Social Media Transmitted Disease? – The Danger of Third Party Apps and Free IPads.

Have you ever receive an email from a Nigerian Prince asking for your help with a complex 10 million dollar inheritance transaction?

Have you ever clicked on a link to Southwest Airlines on your computer and been taken to a page asking if you would like to use your Facebook account to login to their site?

Or how about receiving a post on your Facebook wall announcing how your best bud from high school just received a free IPad and so can you?

If you haven’t received such wonderful communications from the noble Nigerian, my favorite airline or your high school class clown it’s just a matter of time until you join the club.

What’s going on with all this stuff?  In the case of the “Noble Nigerian” he’s just trying to sucker you into a scam where he gets your financial info to suck you financially bone dry in one of the most stupid scams in the world.  If you fall for this, you probably don’t deserve to hold on to your finances or you have one foot in the door to the Alzheimer clinic.

Recently, the editor of the Palo Alto Free Press asked me to write a guest blog about the Dangers of Third Party Apps built for sites like Twitter or FacebookThird Party Apps are those special programs that allow you to expand the functionality of your social media sites and compliment a program (first party app) written by another business such as Facebook or Twitter.  Examples of third party apps that I personally use are Hootsuit for Twitter and the Roost real estate app for Facebook.

Other kinds of third party apps you may have heard of are called plugins or add-ons.  Perhaps you have a blog and you want to insert a photo contest in to your blog – there’s a third party app for that.  Or, perhaps you want to add an e-commerce page on your website – there’s a third party app for that too.

So what’s the danger of Third Party Apps and clicking on that link to get a free Southwest Airline ticket or free ipad?  In the case of many third party apps you are requested to give access to your Facebook, Twitter or other social media account’s confidential and private information including login information.

In some cases you give access to your complete email directory and allow the app provider access to all your contact’s email addresses while waiving your right to protect this information.  I personally do not know of an instance where the contacts in my email directory have received an unauthorized email through me, and as far as I know I’ve never posted a message saying I’ve just won a free iPad on my friend’s walls on Facebook.

So here are the two big deals I see: First issue, I’ve heard of third party app developers selling their businesses to another business.  Who’s to say the new owner of the app on your computer has the same high standards as the first business that developed the app in the first place?  Some people believe this is where their info can be compromised and used against them.  Is my confidential info now owned by someone I don’t even know?

Second issue, this involves those free Southwest Airline tickets, the free Ipads, and that question, “Would you like to know who’s looking at your profile on Facebook?”   (FYI, the terms of Facebook specifically prohibit third party app companies from accessing who is looking at whose profile).

Most of these too good to be true offers and questions are really just companies trying to get you to answer questionnaires where the company asking the question gets paid for each questionnaire successfully completed.  Their goal is to get you to open the post, answer it and have the post delivered to your friends and have them repeat the cycle.  For most people silly enough to click on these free offers the only result is having to send an embarrassing message to all your friends letting them know you screwed up.

If you’re not sure about which of those Facebook offers are legitimate or not, check out or “like” Facecrooks on Face Book.  Facecrooks is a site that tracks which of those posts are legit or a bunch of B.S.  Anyway, I gotta run, I just got an email from Nigeria requesting I fly to another city using my free Southwest Airlines ticket and that there’ll be a free IPad waiting for me at the airport check in stand.  Life is too good to be true!

Tim Hmelar is the CEO and Founder of Web Lunch Box a social media training and consulting company in Palo Alto, CA.  Tim devotes his professional time to helping small businesses grow their business, helps many community organizations achieve their goals, and loves to spend time with his family and with giving, kind people.  Feel free to contact Tim at