Sophos warns of Twitter scam involving Draw Something

The Pictionary-type game Draw Something is so popular it was only a matter of time before online scammers jumped on the bandwagon.

Security firm Sophos is warning about a scam on Twitter that is designed to trick people into filling out a survey with the promise of possibly winning a prize. But like nearly all prize offers online, this one is fake.

Basically, the scam is triggered by Twitter posts mentioning "Draw Something." A Twitter account that is not affiliated with game creator OMGPOP is offering prizes to people who have referenced the game in a tweet and encouraging them to visit a Web site called drawsomethingwinner.com, where they are prompted to answer a few questions supposedly to claim an award, Graham Cluley, senior technology consultant for Sophos said today on the Sophos blog.

Meanwhile, it's unknown what the scammers are doing exactly with the survey data or contact information being collected, but it's possible the information could be used to send people spam or phishing e-mails, or even sign people up for premium rate text service, according to Sophos.

"The scam survey that you are taken to varies according to where in the world you are. So, some may well ask you for your e-mail address," Cluley told CNET. "Others may ask you for your mobile phone number (and sign you up for expensive premium rate services). Typically they also ask for name, address, date of birth, etc."

Sophos has reported the account as spam to Twitter, and hopefully the Twitter account will be shut down, Cluley said.

The success of Draw Something has been astonishing. The app, which works on iPhones, iPads, and Android devices, is believed to be the fastest spreading app ever. It's been downloaded more than 35 million times since it launched in early February. Its creator, OMGPOP, was acquired by Zynga last week for an estimated $200 million.

Updated 1:15 p.m. PT with more details on the types of information collected by the scammers.