Twitter scam tricks users into clicking a suspicious link
Twitter virus is a term used to describe spam activities on a popular social network. Usually, malware delivers spam posts or sends private messages that contain a shortened link. However, once clicked, it might redirect to highly suspicious websites that might be created for spreading malware or phishing attempts.
Twitter malware is known at least since 2009. It acts similarly to any of the Facebook viruses. If it manages to affect one’s account, it starts sending out spammy messages to its contacts and may also initiate other issues for its victim, such as disable his/her account, etc.
This virus is based on malicious posts that appear on Twitter's timeline. In order to draw people’s attention, this virus uses infected accounts to post misleading tweets saying something like:
- OMG I can’t believe that,
- OMG look what they’re saying about you,
- Check this!!!
Of course, these tweets are filled with invented content, which is supposed to draw people's attention and convince them to click on it. Besides, misleading tweets is not the only way how this virus spreads around.
Twitter virus may try to affect your account via direct messages that can be sent to you by unknown people. They can also be filled with links and similar content. In fact, these malicious links that are usually included to these fake messages are the main helpers for this virus to spread around.
Typically, these links redirect to phishing and malware-laden websites that ask the victim to install a certain plug-in, update or a program that is required in order to see the intriguing content. Such downloads are infectious and should be avoided! However, if you clicked on such link or installed suspicious content, you should carry out Twitter virus removal immediately.
In order to remove Twitter virus, you may need to disable application access via Settings and uninstall questionable programs or browser add-ons you were tricked to install. However, you can speed up this procedure by scanning the system with Reimage and changing your password.
Twitter virus comes back with “Who visits your Twitter profile” spam
Questions about Twitter virus
In January 2018, a new variant of Twitter spam was detected. Numerous people were tweeting with a hashtag #FBPE which included the link to a website that claims to reveal the sweet information about who has viewed your profile.
There a couple of different spam messages, for instance:
Goooo!! Click for more information:
Who visits your Twitter profile
100% safe, 100% working
Click here, available for iOS and Android
Sign in and download this fantastic app – only available today
However, all of them contains the link to checkvisitss[.]tk website that offers to connect with Twitter account and learn who visited your profile. Once this button is clicked, users are redirected to authorization website which asks for regular Twitter app permissions:
- Read tweets from your timeline
- See who you follow and follow new people
- Update your profile
- Find Tweets for you
Indeed, after the installation, Twitter virus continues posting lots of annoying content on behalf of you. Though, the redirect website and app itself don’t perform any malicious activities. However, it might be just the matter of time. You can never be sure if scammers wouldn’t think of the way to spread malware.
Thus, if your account was posting spam, you should navigate to Applications tab under Settings and Privacy, and disconnect all suspicious apps to remove Twitter scam entirely.
Other examples of Twitter viruses and scams
Money-based schemes. Scammers used the names of popular companies, such as Google, in order to convince users that they can make money while working from home. However, they were asked to pay a small sign-up fee. In this case, crooks get victim’s credit card information and can charge them every single month.
Pay-For-Followers scams. These types of posts included a possibility to increase user’s followers. Scammers claimed that for a small amount of money (e.g. $5) they can get more than 2000 followers within a day.
Twitter worms. In 2009 “Mikeyy” or “StalkDaily” worm was noticed spreading on social network asking to access a StalkDaily.com website. As soon as users clicked on a link, her or his account was infected and continues spreading malware further.
Other worms were spotted in 2014. This time malware was more sophisticated and managed to compromise even BBC News Twitter account.
Fake customer support accounts. In 2014 and 2016, numerous fake customer support accounts were detected. These phishing scams were used for stealing user’s logins and passwords. Typically, users were asked to access a camouflaged website and enter their details.
Users are advised to be careful with such messages. Official accounts always are verified and have a blue tick mark.
Avoid clicking suspicious link to avoid getting infected with malware
Twitter virus mostly spreads via direct messages and bogus posts on the timeline. In order to protect yourself, you should ignore all spammy-looking messages that typically announce about shocking news or promote various products, such as drugs, contests for getting the ability to win smartphones, sales, and similar things.
You must never click on the link, which can also be found in these tweets. Typically, such posts contain shortened URLs, and this technique is used to obfuscate suspicious-looking malicious links.
Also, make sure you ignore tweets that may show up in your account out of nowhere. If you would happen to get infected with Twitter virus, you should keep in your mind that you can be involved in its distribution. You can start sending out the same or similar spammy messages to all of your followers and friends automatically.
Get rid of Twitter virus
If you clicked on a suspicious link or your followers reported that you are posting spam, you should consider a Twitter virus removal. We recommend terminating the virus with the help of anti-malware software, for instance, Reimage or Plumbytes Anti-MalwareWebroot SecureAnywhere AntiVirus.
The virus can add additional programs to the system, inject suspicious extensions and tracking cookies into web browsers you use, and add registry keys that are hard to identify and delete manually. Thus, you may not be able to remove Twitter virus without security software, specialists from viruset.no say.
Additionally, if you have suffered from “Who visits your Twitter profile” scam, you should follow these steps too:
- Log in to Twitter.
- Access Settings and Privacy.
- Open Applications tab.
- Remove suspicious applications by clicking Revoke access button next to each of them.
If you cannot access your account after the attack, you should follow the guidelines provided by Twitter Help Center.
To remove Twitter virus, follow these steps:
Remove Twitter using Safe Mode with Networking
If you cannot start the anti-malware software, reboot your PC into a Safe Mode with Networking first, and then launch your anti-malware program. You should also carry out the following instructions to protect your Twitter account:
- Change your Twitter password ASAP (you should change it on other accounts as well, if you use the same password there). For that you should click your username, select “Settings” and then click the “Password” tab. Click “Change” to save these changes.
- Log back into your Twitter account and delete any spammy-looking messages.
Step 1: Reboot your computer to Safe Mode with Networking
Windows 7 / Vista / XP
- Click Start → Shutdown → Restart → OK.
- When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
- Select Safe Mode with Networking from the list
Windows 10 / Windows 8
- Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
- Now select Troubleshoot → Advanced options → Startup Settings and finally press Restart.
- Once your computer becomes active, select Enable Safe Mode with Networking in Startup Settings window.
Step 2: Remove Twitter
Log in to your infected account and start the browser. Download Reimage or other legitimate anti-spyware program. Update it before a full system scan and remove malicious files that belong to your ransomware and complete Twitter removal.
If your ransomware is blocking Safe Mode with Networking, try further method.
Finally, you should always think about the protection of crypto-ransomwares. In order to protect your computer from Twitter and other ransomwares, use a reputable anti-spyware, such as Reimage, Plumbytes Anti-MalwareWebroot SecureAnywhere AntiVirus or Malwarebytes Anti Malware