Twitter users have once again found themselves the target of rogue applications this weekend, in a similar fashion to the problem which has been plaguing Facebook users for over a year.
Over 9,000 Twitter users clicked on links posted by fellow Twitter users, claiming to be about a girl who killed herself after her dad posted a message online:
OMG: This GIRL KILLED HERSELF after her father posted THIS on her wall: [LINK]
Find the wording familiar? Well, you might very well do if you’re a Facebook user, as the “girl kills herself after her father” meme has become one of the most popular methods by which scammers on the social network have tricked people into clicking on their links in the last year.
And now, it’s made an unwelcome appearance on Twitter too. Clicking on the link would take you to a rogue app which would attempt to connect with your Twitter account.
Of course, if you were desperate to read about the girl who allegedly killed herself you might think nothing of granting permission to an app written by a complete stranger to post messages to your wall. And so, the links begin to spread virally – which suits the scammers just fine as they can either use their new access to post spam messages via your account or generate income from online surveys.
This appears to be a developing trend on Twitter. Earlier this month Twitter was hit by rogue apps which claimed users had been on Twitter for 11.6 hours or had discovered who their top 10 profile stalkers were.
Now do you understand why we were so upset about how people signed up for Connect.me last week without even thinking about what they might be doing?
In response to the latest attack on Twitter users, Del Harvey, who heads up Twitter’s Trust & Safety department, tweeted a warning to users reminding them to take care about which applications they authorised to access their accounts.
In addition, it appears that bit.ly has shut down the links. But, of course, the person behind them (who goes by the bit.ly username of “ecigarmy”) might create more.
Certainly earlier today ecigarmy was hard at work, tricking almost 35,000 people into clicking on another scam attack on Twitter:
I am 64% addicted to Twitter, find out how addicted you are here: [LINK]
where the percentage number could be different each time.
We all know that breaking news can spread as fast as a petrol fire on Twitter. That’s one of its great strengths. But we all have to work hard and act sensibly to avoid dangerous links also worming their way rapidly across the micro-blogging network.
If you’re on Twitter and want to learn more about threats, be sure to follow Naked Security’s team of writers. Meanwhile, Facebook users would be wise to join the Sophos Facebook page, where we give early warning about new threats.Follow @gcluley