Twitter, people either love it or hate it. I view Twitter as a “Diet Facebook”, I still know what people are doing and thinking at every second of the day, I just don’t get Farmville notifications to go with it.
Recently, Twitter users have been the target of a new Trojan infiltration scheme. A Twitter user will receive a DM, direct message, from a supposedly trusted source with a nondescript but tantalizing message. The messages usually reference a supposed elicit picture or video of said user, with a link that will, supposedly, take the user to the referenced content.
According to reports, users are taken to “YouTube”, please note the quotes. They are then prompted that an update is needed to view this video, with a link to download a file titled “FlashPlayerV10.1.57.108.exe”. In reality, people are actually downloading a Windows compatible Trojan application, right to their computer. Simple social engineering. What makes this so easy is not only the promise of discovering embarrassing content about yourself on the internet, but the fact that a URL shortening service is being used to disguise the actual target URL. Using URL shortening services on Twitter is not uncommon, so to the average Twitter user, there is no apparent cause for alarm when receiving one of these messages.
This should go without saying, but, if your Twitter account happens to be the one sending out these false messages, change your password immediately. If the information is coming from a friends account, it is recommended that you alert them, and recommend that they change their password too. People just need to remember to be safe, make sure what you are receiving is real content. If you’re unsure about a link, don’t click it, or at least verify it with the sender.