If you are a Twitterer, you’ve probably received an unexpected direct message from a friend in the last couple of weeks that looked something like this:
or maybe this:
haha. This you???? http://foo.ws/KD7P
Whatever you do, DON’T CLICK ON THE LINK IN THE MESSAGES. These are examples of a rapidly-spreading Twitter hijacking “worm”. I haven’t seen a good explanation of the how or why this is so prevalent, but when I see some even my most web-saavy friends (you know who you are), and even the Internet legend Cory Doctorow being duped, I figure it’s high time to make a post.
WHAT TO DO ABOUT IT
While I don’t have any hard-and-fast info on how or why this is spreading, there are two easy things you can do:
1. Typical phishing-prevention steps: review all links before you click on them. Does the URL say TWITTER.COM or does it say TWITTAR.BIZ? Yeah. I realize this might not be possible on a mobile device, so exercise caution.
2. Update your password to something complex. A little uppercase, a little lowercase, a number. e.g. FooB4r! (and no, that isn’t my password)
3. Check your “Connections” on Twitter. Review them all and remove any that look suspicious.