A new Twitter worm is spreading quickly this morning by pretending to tell users who has unfollowed them. By using this kind of smart social engineering (who wouldn’t want to know who these ungrateful people are?), this rogue Twitter app gains access to a user’s account through Twitter’s standard authentication mechanism. The worm also appends currently trending terms to every one of these tweets, ensuring the messages get seen by an even wider audience.

A typical example of these scam tweets looks like this:

9 people have unfollowed me, find out how many have unfollowed you: [URL] #duringsexplease #youneedanasswhoopin
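As an added example (not code from the original article or from Sophos), the following flags tweets that match the lure template quoted above and pulls out the trending hashtags appended after the link; the sample tweets are constructed and the URL is a placeholder:

```python
import re

# Template of the scam tweet quoted in the article: a count, the lure,
# a link, then trending hashtags appended to widen the audience.
SCAM_RE = re.compile(
    r"(?P<count>\d+) people have unfollowed me,\s*"
    r"find out how many have unfollowed you:\s*(?P<url>\S+)",
    re.IGNORECASE,
)
HASHTAG_RE = re.compile(r"#\w+")


def classify_tweet(text: str) -> dict:
    """Return a verdict for one tweet: whether it matches the lure
    template, the link it carries, and the hashtags padded on after it."""
    m = SCAM_RE.search(text)
    if not m:
        return {"scam": False, "url": None, "hashtags": []}
    tail = text[m.end():]          # everything after the link
    return {
        "scam": True,
        "count": int(m.group("count")),
        "url": m.group("url"),
        "hashtags": HASHTAG_RE.findall(tail),
    }


def flag_scam_tweets(tweets):
    """Filter a batch of tweets, keeping only those matching the template."""
    return [t for t in tweets if classify_tweet(t)["scam"]]


# Constructed sample batch (not real captures): one tweet modelled on the
# article's example plus two benign tweets that mention unfollowing or links.
SAMPLE_TWEETS = [
    "9 people have unfollowed me, find out how many have unfollowed you: "
    "http://example.invalid/x #duringsexplease #youneedanasswhoopin",
    "Just unfollowed 3 spam accounts, feeling cleaner already",
    "New blog post on OAuth app hygiene: http://example.invalid/blog",
]

if __name__ == "__main__":
    for tweet in flag_scam_tweets(SAMPLE_TWEETS):
        print(classify_tweet(tweet))
```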

Graham Cluley at security firm Sophos took a closer look at the inner workings of this worm. Instead of telling users who unfollowed them (a service that some reputable companies actually offer), the app just brings up a typical online survey that pretends to offer users the chance to win a free iPad 2 or Gucci shopping spree. The scammers then, as Cluley notes, make money each time one of these surveys is completed (probably because they can harvest confirmed email addresses this way).

If you fell for this scam for some reason, head over to your Twitter account, click on Settings -> Connections and revoke access to the app. The worm uses different names for the “service,” but the most common are “App Services,” “Follow Finder” and “Data Machine.”

Image credit: Sophos