Many people would like to have a bigger Twitter following – whether you're a business, a personality, a celebrity, a journalist or a blogger – and it can be exciting seeing those numbers grow.
But what do you do when you realise that some of your new followers are fake?
What's wrong with having fake Twitter followers?
The worry about having fake Twitter followers is that although they might make you seem more popular, there are several reasons why it's bad to have them for both businesses and individuals.
For a business, having loads of fake Twitter followers basically means you're engaging with nobody, and fake followers could easy target your genuine followers and hack their accounts.
For an individual, one thing hackers do is to direct a fake Twitter follower farm at your account to "plump" up your follower numbers, and then when there are enough followers to make you seem like a prominent personality on Twitter, the hacker then hijacks your account by hacking the OAuth tokens in a third-party app API.
Once they have your account, the hackers then use your account to send out tweets like "OMG I can't believe you posted that!", which contain malicious links that trick users into going to a website that installs malware on their computer or device, and phishing attempts to trick other users into revealing their passwords and other sensitive information.
Of course, that's only one theory – another reason for the follows is that the hacker wants to create accounts that look like they are real by following lots of accounts, especially users who are kind enough to follow them back in return, so they have bots that create fake accounts and have each account follow you in a fake Twitter bot farm.
IBTimes UK tried asking Twitter what we should do about fake followers and how you can block them in bulk rather than one by one, but we have received no response, so in the meantime, we have found our own solution.
How do you delete fake Twitter followers in one go?
Although there are many services on the internet now offering to clean your Twitter account for you if you pay a monthly subscription, I happened on two free scripts written by a programmer called Clayton Lambert. One of Lambert's scripts is designed to block and remove fake Twitter "egg" followers, i.e. Twitter accounts where the user hasn't even bothered to change the default Twitter egg profile picture to a picture of themselves.
The other script is designed to block and remove Twitter accounts that look fake, so it checks to see if the Twitter account has hardly any tweets or no tweets, or the account's description has been left blank, or the tweets are all malicious links or gibberish.
Before trying these scripts out, I contacted Proofpoint Nexgate, a firm that helps companies to protect their social media accounts from abuse, malware and damage from account compromise, for help.
The firm checked the scripts to make sure they didn't end up doing anything you wouldn't like, such as deleting genuine followers, and they have confirmed that it is safe to use, and I have found that the scripts definitely work.
All you have to do is follow Lambert's tutorials, which include loading up all your followers and pressing the "Down" arrow key until they have all loaded, and then pasting a script into your browser window via the "Inspect Element" function.
But what about preventing people from hacking my Twitter account?
According to Twitter, in general if you want to prevent your account from being hacked, you'd best make sure you have a strong password, but there are a few other things you should also look into.
"Don't allow access to any apps you don't use," Dan Nadir, Nexgate's Vice President for Product Management tells IBTimes UK. "It's difficult to know if an app has been compromised and most people forget that they even approved the app in the first place."
So after changing your password, the first thing you should do is go to Settings > Apps and look at what apps you are allowing to access your Twitter account. If these apps are approved like Instagram, iOS and LinkedIn, you're probably okay, but anything else you don't use anymore should have its access revoked.
Also, you should make sure that in Settings > Security and privacy, that you have "Verify login requests" checked, so that every time you log into Twitter, you are sent an SMS text message with a special code you have to enter in order to gain access, as well as checking the box that says "Require personal information to reset my password".
However, while this might strengthen the security of your Twitter account, you can't prevent fake Twitter accounts from following you – only block them using the methods we mentioned above, as they mount up.
"We're seeing a lot of spammers moving to Facebook and Twitter because it's much easier than sending out thousands of emails. The business of fake Twitter accounts is huge," said Nadir, whose firm has seen spammers attack the Twitter accounts of celebrities and personalities and is constantly blocking thousands of attempts.
"There is no easy way to stop these people from following you. It depends on what type of follower they are – if they are just following you to give off an aura of legitimacy, then that's okay. You're just a stat to them. But if they start trying to engage with you and get involved in conversations you have with your followers or other users, that is a problem."