Profile Spy rogue application spreads virally on Twitter

Filed Under: Social networks, Spam, Twitter

Twitter users are once again finding themselves on the receiving end of an attack more often experienced by their Facebook-using cousins: a rogue application attack spreading virally across the network.

Thousands of Twitter users have fallen into the trap of allowing a third party application called "Profile Spy" to access their Twitter accounts, after believing that they would be able to find out who has been viewing their tweets.

Wow! See who viewed your twitter with Profile Spy

Wow! See who viewed your twitter with Profile Spy [LINK]

Of course, there's no such way to tell who has been reading your Twitter posts - but that hasn't stopped thousands and thousands of Twitter users from clicking on the link, and granting "Profile Spy" permission to post messages from their account.

Rogue app requests permission to access your Twitter account

If you are foolhardy enough to allow the app to continue, you'll find that you are instantly tweeting out messages to your Twitter followers, encouraging them to also click on the link.

Twitter account compromised by rogue application

In this way, the scam spreads virally and very quickly across the network.

The motive for the scam is, unsurprisingly, to make money for the scammers behind it. They pop-up a survey and demand that you complete it before they will reveal details of who has been viewing your Twitter messages.

Twitter survey scam

Hopefully by now all of your alarm bells will be ringing, but if you do continue to complete the survey you will be helping the scammers earn commission.

If you were unfortunate enough to grant the Profile Spy app access to your Twitter account, revoke its rights immediately by going to the Twitter website and visiting Settings/Connections and revoking the offending app's rights.

Revoke rogue application

Don't encourage the bad guys to distribute scams like this, and always exercise caution about which third party apps you allow to connect with your social networking accounts.

If you're on Twitter and want to learn more about threats, be sure to follow Naked Security's team of writers.

, , , ,

You might like

One Response to Profile Spy rogue application spreads virally on Twitter

  1. anonanon · 1250 days ago

    this is going on on facebook again too. several people on my feed god scammed today.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.