Twitter rogue app hits thousands
Scammers try to lure Twitter users into becoming part of their dirty game.
Thousands of Twitter users have fallen victim to viral scams spreading fast across the site, a security firm has warned.
Messages went out attempting to lure users into following links, with one scam focusing on a girl who purportedly committed suicide, Sophos said.
Del Harvey, director of trust and safety at Twitter, notified users about the problem via her own account.
"Seeing msgs about someone committing suicide after a parent posted something on their wall? Yeah, it's a spam app. Don't auth it," Harvey posted.
Around 9,000 users had clicked on these links, taking them through to a rogue app, which then attempted to connect with their Twitter accounts, Sophos explained.
Once the scammers gained access to accounts, they could relay the messages across Twitter to snare yet more users. They could also generate money by getting users to click through to online surveys.
In another group of tweets, the perpetrators used a rogue application called Your Online Timer, pushing out messages which claimed users could calculate how long they had spent on Twitter.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Victims of that scam had a status update automatically placed on their accounts, again containing the same link.
Sophos warned scammers could use account access to post messages linking to malicious websites, phishing attempts or other spam campaigns.
"The last thing you want is for your Twitter followers to believe that you are being sloppy over your account's security, and potentially putting them at risk too," said Sophos senior technology consultant Graham Cluley.
These breakouts come shortly after Twitter announced a new, hidden security feature on the site, which scanned all links going through the service.
"By routing all links submitted to Twitter through this new service, we can detect, intercept and prevent the spread of bad links across all of Twitter," Harvey said last week in a blog.
"Even if a bad link is already sent out in an email notification and somebody clicks on it, we'll be able keep that user safe."
Recent data from Barracuda Labs showed the Twitter crime rate had shot up 20 per cent, further indicating businesses needed to be careful about how they and their employees used the service.
Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.
He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.