Sophos: Your online timer survey scam spreads rapidly on Twitter
March 2011 by Sophos
Sophos is warning Twitter users to be cautious, following the discovery of new rogue applications designed to help scammers earn money by spreading links that point to online surveys.
Following attacks this weekend, which saw users spreading messages about a girl who killed herself and how addicted they were to Twitter, new messages are appearing on Twitter today claiming to count how long users have been members of the social networking website. Offending tweets contain a variation on the following text, with the amount of time shown differing between users:
"I have spent 379 days, 9096 hours on Twitter. How much have you? Find out here: [LINK]"
The messages, posted by an application called "Your Online Timer", include a link which - if clicked on by other Twitter users - will encourage them to authorise "Your Online Timer" to access and update their Twitter accounts. If the application is approved, users will be taken to a website which claims it will find out the time spent to date on Twitter - and the page pops up a survey which earns the scammers money for each questionnaire completed. In addition, without explicit approval, the Twitter account of the victim is updated with a status update - spreading the link virally to other Twitter users.
"Viral scams like this are commonly encountered on Facebook, but are now being spread by their creators onto Twitter too. It’s possible that the people behind these attacks view Twitter users as a softer target, who might generate them more income," said Graham Cluley, senior technology consultant at Sophos. "Social networks have a responsibility to protect their users from scams and spam - but ultimately it’s down to the user to think very carefully before handing over the keys to their social network account to a complete unknown application."
Affected users should revoke the application’s access to their Twitter account immediately. This can be done by entering Settings/Connections and revoking the rights to the relevant application.
"If the application’s access to your account is not revoked, the scammers could use it to spread other messages - potentially including links to malicious websites, phishing or other spam campaigns," explained Cluley. "The last thing you want is for your Twitter followers to believe that you are being sloppy over your account’s security, and potentially putting them at risk too."