Scammers Abuse Twitter Features, Trick Thousands with ‘Follower’ Scheme

A series of enhanced follower scams has tricked thousands of Twitter users after a group abused the platform’s authentication system, its TweetDeck application and its Trends section, antivirus software provider Bitdefender warns. The security company reported the scams and notified the micro-blogging company of the dangerous web sites, which are massively promoted through Twitter Trends.

The ‘entrepreneurs’, who may be from Turkey, are profiting from users’ eagerness to gain visibility on the platform. In the past month, they have registered dozens of similar web sites with top-level domains such as “.com”, “.net” and “.us”. The cyber-group offers free or paid Twitter followers in exchange for users’ authentication tokens.

Those who click on the ‘free’ option get 20 followers in the blink of an eye – both legitimate users and bots. However, their accounts are also enrolled in the system without their knowledge, so they are made to follow 100 other users in turn.

“While Facebook scams promising new likes are just silly baits, these Twitter scams really deliver what they claim – tens of new followers that are willing to ‘adore’ what you tweet,” Bitdefender Chief Security Strategist Catalin Cosoi said. “It’s somehow ironic that there is a price to pay even in the ‘free’ version, as they get away with your authentication token. The merchandise is actually YOU.”

To hijack the accounts, scammers abuse the legitimate TweetDeck application, which allows users to sort content on the micro-blogging platform. To get new followers, users have to authorize the app, which may post on their behalf, see who they follow and follow new people. In the process, scammers make off with the access tokens and receive TweetDeck’s permissions over the account without users’ knowledge.

The follower web sites are also loaded with commercials for dubious games, torrents and software downloads, and some trick users with malvertising.

In April 2013, a research team discovered that the Twitter OAuth feature in the application programming interface (API) can be abused to hijack accounts. Access tokens allow scammers to perform several actions through the Twitter API without a password. Attackers may post new tweets on behalf of the hijacked accounts, read and send private messages, and change users’ location without their knowledge.

Bitdefender advises British users who were tricked by this new follower scam to uninstall TweetDeck and then reauthorize it. They should also run a security scan to check for malware on all the devices they used to log into Twitter.

Here are the other villains making rounds on the micro-blogging platform:

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners. 

This article is based on the technical information provided courtesy of Bitdefender Online Threats Researcher Andrei SERBANOIU.

About the author
Bianca Stanescu, the fiercest warrior princess in the Bitdefender news palace, is a down-to-earth journalist, who's always on to a cybertrendy story. She's the industry news guru, who'll always keep a close eye on the AV movers and shakers and report their deeds from a fresh new perspective. Proud mother of one, she covers parental control topics, with a view to valiantly cutting a safe path for children through the Internet thicket. She likes to let words and facts speak for themselves.