This happened a couple years ago.
One of my friends – who also follows me on Twitter – called me up and said she got a weird direct message from me on Twitter.
This was strange. I almost never send DMs on Twitter (I mean, who does, right?).
My first reaction was: my account has been hacked!! I checked my Twitter profile and found out that someone had sent a bunch of DMs from my Twitter account to many of my followers. Super-strange.
I changed my password, informed everyone that it wasn’t me that sent the weird DMs and started digging deeper to find out who the culprit was.
Turns out it was some strange app that I had logged in to using my Twitter account. When you sign up/login at a website (or for an app) using Twitter or Facebook, you give some access to the website / app to handle your social account. Mostly, this is harmless level of access but just occasionally, it can be a higher level of access.
For instance, apps like Buffer, Around.io, Hootsuite, Tailwind, and other social scheduling apps require that you allow us to post on social channels on your behalf – that’s a higher level access right there.
Legit apps handle this access with care with a lot of security checks in place. Bad apps will use that access to start spamming your profile – and suddenly, your profile is sending DMs to your followers, posting weird things on your Facebook profile / page, etc.
This is why it’s extremely important to check your app access every once in awhile. I do this about once or twice every six months and it’s recommended that you do it even more frequently.
It’s good to “purge” apps – that is, remove apps from your social accounts like Facebook, Twitter or Pinterest – that you no longer use. If you try out new apps, login at new websites often, you’ll be surprised how many apps have got access to your Facebook or Twitter account.
Here’s how to revoke access / remove app access from your social accounts.
1. Click on the arrow on the top-right of Facebook.
2. Click on “Settings” from the drop-down menu.
3. Next, click on Apps. (This will show you a list of all apps currently accessing your Facebook account)
4. Move your mouse over the app you want to remove. A ‘x’ will show up. Click on it.
5. Confirm that you want to remove this app by clicking on “Remove”.
That’s it. Repeat the process for all the other apps you want to remove from accessing your Facebook.
1. Login to your account. Then, click on your profile pic on the top-right (to open the profile menu).
2. Click on “Settings”.
3. From the menu on the left of the screen, find and click on “Apps”.
4. Next, click on “Revoke Access” on the app you want to remove from your Twitter profile.
That’s it. You can now just click on “Revoke Access” on all the apps you want to remove.
1. Login to your Instagram profile at instagram.com (on the web). Then, click on the tiny profile icon on the top-right.
2. Click on “Edit Profile”.
3. From the left of the screen, click “Authorized Applications”.
4. You’ll see a list of apps that have access to your Instagram account. Just click on “Revoke Access” on the ones you want to remove.
1. Login to your Pinterest account and click on your profile pic to open the menu.
2. Click on “Settings”.
3. Next, click on “Apps”.
4. You’ll see a list of apps accessing your Pinterest account. Click on “Revoke Access” on all apps you want to remove from your Pinterest profile.
Audit your apps frequently
So as you can see, it’s pretty easy to remove app access on your social profiles.
The trick to keep your social channels safe is to do this very frequently. Depending on how frequently you let apps access your Instagram or Twitter etc., you should do this monthly, or every quarter.
Questions? Feel free to post them in the comments and I’ll answer them.