There seems to be a new Twitter virus or phishing scam going around which affected my boss today. He had a couple of messages telling him that he had a virus, they had received the following message:
what are you doing on this moviefacebook.com/42219320781811… wow upsetting
Clicking on this leads to a Facebook page with a Twitter login – http://apps.facebook.com/422193207818111/. It looks as though the Facebook page is real and that there is some dodgy app that is part of the scam. You can enter any fake credential in there, it’s a scam so it doesn’t (nor should be!) real credentials that you enter to see it:
Once you enter these credentials it then takes you to http://omy.omgfb.org/tmb/zoom/newvideo.php on which you are supposed to be able to see a video. You can’t actually watch the video as it says you need to download Flash Player – I didn’t try this as I figure it will probably download a virus which may help spread the scam further.
If you get this message do not read it, immediately delete it. If you have already clicked it I would suggest you follow Twitter’s advice at https://support.twitter.com/forms/hacked:
- Reset your password
Please reset your password by entering your email address, phone, or username into the password reset form. - Revoke connections
While logged in, visit the Applications tab in Account Settings. Revoke access for any third-party application that you don’t recognize.
You should additionally change any passwords on any other site where you had the same password and Tweet or DM anyone to whom the virus may have been sent out to. I would then also do a virus scan in case you tried installing the fake Flash Player. There didn’t seem to be much information out there on this so I hope this comes in useful to someone.