WARNING: Twitter “Top Stalkers” TweetViewer Virus Still Spreading

Regardless of how much fun it would be to see the latest people who visited your Twitter profile page, you can’t. So keep this in mind when under the barrage of a Twitter scam like “Twitter Stalkers” which hit late last week and is still going strong.

First reported by digital security firm Sophos’ Naked Security Blog on March 3, this Twitter stalkers scam is still going strong. The Naked Security Blog reported that phrases such as “I just viewed my TOP 10 Profile STALKERS – [LINK]” were being posted without users’ knowledge to their accounts. The link led to a third-party app which promised to show users their top profile stalkers, but which really just hijacked their account to post the scammy message and got them to fill out a survey which made money for the scammers.

The app “Who Viewed Your Profile” has apparently been taken down, but this type of scam – possibly run by the same scammers – is still going strong.

Messages like the following have been appearing on Twitter users’ profiles without their permission lately, right up until Monday morning:

Clicking on the link will take you to an application called TweetView. If you do click this link, immediately revoke access from this app, and change your Twitter password as well. By all accounts, TweetView (or TweetViewer) works similarly to the “Who Viewed Your Profile” app, sending rogue messages and requiring users to fill out a useless survey.

TechCrunch reported that the “Tweet Viewer” scam was spreading as fast as 159 tweets per minute at its peak on Saturday. And even celebrities are caught off-guard by the promise of viewing who visited their Twitter profile – PC Mag reported that Zach Galifianakis‘s Twitter account was hijacked by the scam.

It looks like Google and Bit.ly have disabled many of the current shortened URLs which direct to these rogue apps, but the scammers continue to try new ways to get around this by changing the name of their application and the wording of their rogue tweets.

Never click on a link from accounts you don’t trust, or links which lead to domains you don’t trust. And as far as we know, there’s no way to see who visited your Twitter profile – so avoid links that promise this altogether.