Your Online Timer survey scam spreads rapidly on Twitter

More rogue applications are catching Twitter users off their guard today, helping scammers earn money by spreading links that point to online surveys.

Following other attacks this weekend, which saw users spreading messages about a girl who killed herself and how addicted they were to Twitter, new messages are appearing on Twitter claiming to count how long users have been members of the tweeting service:

I have spent 379 days, 9096 hours on Twitter. How much have you? Find out here:

I have spent 379 days, 9096 hours on Twitter. How much have you? Find out here: [LINK]

The amount of time shown differs between users, so you may see different numbers.

The messages, posted by an application called “Your Online Timer”, include a link which – if your Twitter followers click on it – will encourage them to authorise that “Your Online Timer” should also be able to access and update their Twitter accounts.

Twitter rogue app

As we’ve discussed before, you should always think very carefully before allowing unknown apps the ability to access your social networking accounts.

But if you do make the mistake of approving this particular application, you will be taken to a website which claims it will find out the time you have spent to date on Twitter.

Online survey

Regular readers of Naked Security will recognise the similarities with the so-called “11.6 hours” scam we saw spreading rapidly on Twitter earlier this month – and sure enough this scam shares a lot of similarities.

The page pops up a survey (when I tested the link it said there wasn’t a survey available in my country, but your experience may differ), which earns the scammers money for each questionnaire completed.

Meanwhile, behind the scenes and without your explicit approval, your Twitter account has been updated with a status update – spreading the link virally to your Twitter followers:

Status update from rogue application

Affected users should revoke the application’s access to their Twitter account immediately. You can do that by entering Settings/Connections and revoking the rights to the relevant application.

Revoke application permissions on Twitter

Sophos is in contact with about closing down the offending link, but it’s always possible that the scammers will use other links and other names for their rogue applications. So be on your guard and always think twice before allowing a third-party app to have access to your Twitter account.

If you’re on Twitter and want to learn more about threats, be sure to follow Naked Security’s team of writers. Meanwhile, Facebook users would be wise to join the Sophos Facebook page, where we give early warning about new threats.

Hat-tip: Credit to F-Secure’s Sean Sullivan who identified that the same user who was behind the “11.6 hours” scam appears to also be the originator of this latest attack.