How Twitter Can Fix Direct Message Spam

Phishing spam on Twitter

Phishing spam on Twitter

Dear Twitter,

You have done an incredible job of responding to a massive influx of new users, especially over the last 8 months.  With growth reaching 1400% month over month, the need to react and support quickly has been critical, and for the most part I would say you have done so better than just about anybody else has that has seen such rapid growth on their platforms.   With the recent roll out of Twitter lists you have also added value to the community by providing a tool that people can use to pull some signal out of all of the noise.  Many are finding the lists as the place to discover and follow new people.  Thank you for all of your work.

A new phenomenon has bubbled up from the user community, and it’s something that I would like you to take quick and decisive action on.  Phishing scams have torn through Twitter on an almost daily basis for the last several weeks, with unsuspecting users clicking links and turning over their credentials.  The results have been painful to deal with…I’m receiving dozens, and sometimes hundreds,of direct messages from real people (not bots) every single day with messages like, “hey. do this iq quiz for me” and “i found y0u”. This is phishing that is perpetuating too rapidly and it’s starting to ruin the communication platform for me. Here is what needs to happen to fix this…

When I mention this on Twitter, most people reply by telling me that I shouldn’t follow spambots.  I want to make something perfectly clear: this isn’t a problem with spambots, it’s a problem with real people clicking links that they shouldn’t, then handing over their username and password to a malicious site.  That site then sends DMs about funny videos, weight loss and everything else under the sun to everybody that is following that person.

The Problem

The only way to prevent a DM from somebody is to unfollow them.  I don’t want to unfollow these people, they are a valuable part of my community and I want to hear what they have to say.  Granted, I’m disappointed that so many smart people have fallen for such obvious phishing scams, but I still want to be a part of their Twitter life.  As it stands today, my only option is to unfollow them.

The Solution

Twitter already has the solution built in, although within a different area of the service: SMS.  I have the ability to turn SMS notifications on and off globally, and when it is on, I select the individuals that I want to recieve updates from.  SMS is not an “all or nothing” choice right now, and that is exactly what needs to happen with direct messages.

The Big Ask of Twitter

What I am asking is simple, although I know there are plenty of complicated actions behind the scenes if it were to happen: Please give your users the ability to turn direct messages on and off globally, and when on, give us the ability to select who can and cannot send us direct messages. I want to be able to follow people without them having the ability to send direct messages to me.  I understand why this was built in to the original platform as most people that followed each other really did know each other personally.  This is no longer the case, and so the platform must grown and move in the same direction as the community.

Thank you for your consideration Ev, Biz, Alex, Delbius and the rest of the crew.  As the communications within Twitter have changed, so has the need for some of the original services to change with them.  Keep up the good work!


Matt Singley (@mattsingley)

By Matt Singley

Personal: husband to Alison, father to four amazing kids. I used to live a fast but enjoyable life in Los Angeles, now I have chickens on acreage in Charlotte, North Carolina. Just a bit different. I'm an advocate for cycling as much as you can and eating as cleanly as you can afford. Professional: I'm the CEO of Singley + Mackie, a creative digital agency that serves well-known lifestyle and entertainment companies around the world. Clients include Microsoft, Samsung, Hulu, YP and others. If you want to find the more-professional me, go to