No, That Picture Is Not You – Don’t Click That Link!

There’s a new and particularly nasty virus making the rounds on Twitter, and more and more folks are falling for it.

Have you seen it? We bet you have – and we hope you didn’t click the link!

Sophos Naked Security is warning users about a new malware attack being sent from rogue (and hacked) Twitter accounts asking @recipients if “this picture is you” or some variation of that question.

IT security and data protection firm Sophos is warning Twitter users to be cautious following the discovery of a widely spread malware attack on the microblogging site. Malicious links, claiming to be an online photo of the Twitter user, are at present being spammed out across the social network. The links point to Russian web pages that ultimately attempt to infect Windows PCs using the Blackhole exploit kit.

“If you see tweets like this, please do not click on them,” said Graham Cluley, senior technology consultant at Sophos. “There isn’t a photo of you waiting at the end of the link – and the accounts that are spreading the messages have either been compromised by hackers or have been created by hackers with the purpose of spreading the dangerous links.”

“There’s a real danger that if Twitter users have not properly protected their PCs, and unless they are warned of the risk, that many people will click on the links without suspecting that they are putting their computer and personal data at risk,” warned Cluley.

The best advice is to not click ANY links from people you don’t usually interact with online. The wording can easily change to “did you really do this?” or something else designed to get you to click, so don’t click ANY of these links.

Why are we so concerned about what you do or do not click on Twitter? When your account is compromised, hackers can send @mentions and DMs to the rest of us, and we may click those links thinking it’s a genuine heads-up coming from a trusted source. So when you fall for these scams, you’re putting at risk not only yourself but also those you interact with on Twitter.

You can learn more about this outbreak on the Sophos website.

Have you seen these tweets going around?

(Malware alert image from Shutterstock)