Twitter rogue app hits thousands

Powered by SC Magazine
 

Scammers try to lure Twitter users into becoming part of their dirty game.

Thousands of Twitter users have fallen victim to viral scams spreading fast across the site, a security firm has warned.

Messages went out attempting to lure users into following links, with one scam focusing on a girl who purportedly committed suicide, Sophos said.

Del Harvey, director of trust and safety at Twitter, notified users about the problem via her own account.

“Seeing msgs about someone committing suicide after a parent posted something on their wall? Yeah, it's a spam app. Don't auth it,” Harvey posted.

About 9000 users had clicked on these links, taking them through to a rogue app, which then attempted to connect with their Twitter accounts, Sophos explained.

Once the scammers gained access to accounts, they could relay the messages across Twitter to snare yet more users. They could also generate money by getting users to click through to online surveys.

In another group of tweets, the perpetrators used a rogue application called Your Online Timer, pushing out messages which claimed users could calculate how long they had spent on Twitter.

Victims of that scam had a status update automatically placed on their accounts, again containing the same link.

Sophos warned scammers could use account access to post messages linking to malicious websites, phishing attempts or other spam campaigns.

“The last thing you want is for your Twitter followers to believe that you are being sloppy over your account's security, and potentially putting them at risk, too,” said Sophos senior technology consultant Graham Cluley.

These breakouts come shortly after Twitter announced a new, hidden security feature on the site, which scanned all links going through the service.

“By routing all links submitted to Twitter through this new service, we can detect, intercept and prevent the spread of bad links across all of Twitter,” Harvey wrote last week in a blog.

“Even if a bad link is already sent out in an email notification and somebody clicks on it, we'll be able keep that user safe.”

Recent data from Barracuda Labs showed the Twitter crime rate had shot up 20 percent, further indicating businesses needed to be careful about how they and their employees used the service.

This article originally appeared at itpro.co.uk

Copyright © ITPro, Dennis Publishing


Twitter rogue app hits thousands
 
 
 
Top Stories
The CISO’s dilemma: Do you trust your partner’s partner?
[Blog post] How far down the chain do you check?
 
Microsoft confirms Australian Azure launch
Available from next week.
 
NBN Co names first 140 FTTN sites
National trial extended.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  25%
 
Sourcing and strategy
  11%
 
IT infrastructure (servers, storage, networking)
  23%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  26%
TOTAL VOTES: 288

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  60%
 
No
  40%
TOTAL VOTES: 106

Vote