The IT security firm Sophos reported that an application called 'Time on Tweeter', which automatically sends a tweet from users account that they have spent 11.6 hours on Twitter, has been spreading among tweeples. The links of this scam are spreading from users account without their knowledge.
The scam tweet will appear like, "I have spent 11.6 hours on Twitter. How much have you? Find out here: [LINK]." The link is shortened via Bit.ly and the link leads you to the 'Time on Tweeter' application. Instantly, the app will tweet from the user's account saying that the user have spent 11.6 hours on Twitter. Later the app leads the user to a revenue-generating survey developed by the scammers.
Security experts advised Twitter users not to allow access for the malware scam app and for those who allowed, they recommend to revoke the app's access and change the password. Experts also suggested to discourage the shortened links from other users.
"Scams like this are very commonly encountered on Facebook, but are more rarely seen on Twitter - meaning that many users will be sitting ducks to this type of attack. Although Sophos is in contact with bit.ly about closing down the offending link, it's possible that the scammers will use other links and other names for their rogue applications. So be on your guard, and always think twice before allowing a third-party app to have access to your Twitter account," said Graham Cluley, Senior Technology Consultant at Sophos.