Karen Gillan, the Scottish actress who plays the character of Amy Pond in BBC's "Doctor Who" TV series, has had her Twitter account compromised.
Almost a quarter of a million followers of the popular actress - who recently left the hit sci-fi show after being sent back in time by Weeping Angels - could be tricked into believing that she has found a way to lose weight that doesn't involve the Adipose.
Clicking on one of the links takes you to an all-too-familiar Acai Berry diet website, posing as a news story:
To fix a problem like this you don't need to reverse the polarity of the neutron flow, or even reach for your sonic screwdriver.
Simply change your Twitter password (ensuring that it's not easy to guess, and that you're not using it on multiple websites), and check what applications you have connected with your account (and revoke their access if required).
Furthermore, be careful that you only log into your Twitter account from a computer that is properly protected with up-to-date anti-virus software and security patches - in other words, maybe you shouldn't trust that computer in a hotel lobby or your friend's PC. Keylogging spyware can grab your password without you knowing, and pass it onto malicious hackers.
Karen Gillan isn't the only Doctor Who companion to have been involved in Twitter trouble. Jenna Louise-Coleman, who plays the mysterious Clara Oswin Oswald and replaced Gillan in the Christmas episode, was the subject of a sex video scam shortly after her appointment was announced.
It goes without saying that you shouldn't click on any links from Karen Gillan until her account is brought back under control.
Follow @gcluley
Hat-tip: Thanks to Naked Security reader Thu Ya Win for alerting us to this incident.
This is simply a rogue app, just delete it, no need to change password.
Love the references to Doctor Who. Doctor Who fan?
I'm more and more baffled by these kind of compromises. It's probably an automated attack, but why take the trouble? Do the attackers seriously think that blasting these wteets into a hacked account will results in even one sale?
One sale is all they need for it to be worth their time, there's always gonna be one person who falls for these things
It's just another kind of spam business. If it didn't make money they'd do something else.
M.
Am I the only person who is enjoying life without Twitter?
You're sensationalizing something that isn't as bad as it looks. She didn't get "hacked". She got fooled into installing an app, probably in Facebook, that sends itself out to everyone over her Twitter account. End of story. Go into Facebook, remove the app. If you want to be safe, change the Facebook password - that's probably a good idea anyway.