14 DAY TRIAL // Scammers are trying to capitalize on a recent Twitter viral joke by advertising fake Lord Gaga video which lead to a rogue spam app.
A joke circulating amongst Twitter users recently was about what would happen if Lord Voldermort from the Harry Potter series and Lady Gaga hooked up. The answer - Lord Gaga.
The spam messages read: "#pssst Lord Gaga VIDEO BANNED -----> [LINK] #onethingiveneverdone #cnn"
"The hashtags, which can vary, appear to be taken from Twitter's trending topics in an attempt to reach a wider audience," notes Graham Cluley, senior technology consultant at Sophos.
The messages started being sent from accounts using female names starting with "B" and "C" which have been set up particularly for this purpose. Some examples are BiancaTo5328, BereniceSunga52, BetaniaDevoto50, BiancaZollinger, and ConstanzaFuselier.
Clicking on the spammed links takes users to a fake YouTube page displaying a video player thumbnail and asking the users for their email address.
Pressing the play button prompts users to authorize an app called "money works new" to interact with their Twitter account.
Doing so is obviously not a good idea as this app is used to send spam from the victims' profiles without their knowledge or authorization. For example, the Lord Gaga message is posted immediately.
"Don't make it easy for scammers to make money in this way, and always exercise caution about which third party apps you allow to connect with your social networking accounts," advises Graham Cluley.
Users who fell victim to this scam should go to their profile's settings, click on the Applications tab and revoke access to any app that they don't recognize or need.
The rogue app trick has been commonly used by Facebook scammers for the past couple of years, but only recently it has taken off on Twitter.