If you get a direct message on Twitter telling you to click a link to watch a video of President Barack Obama punching a guy, don't do it.
Spammers are using the idea of the president retaliating against someone for calling him the n-word to steal Twitter passwords and deliver malware to computers, security company PandaLabs noted today.
It's a scheme that uses the names of Twitter, Facebook, and YouTube for nefarious purposes, with spammers creating fake pages to dupe unsuspecting Twitter users.
The scam involves sending a Twitter direct message that reads "Check out Obama punch a guy in the face for calling him a n*****," along with a link that starts with a Facebook.com prefix. The link leads to a fake Facebook page that asks for Twitter credentials, which will then be used to hijack the link-clicker's account and allow spammers to continue the vicious cycle by messaging that person's Twitter contacts.
After unsuspecting link-clickers have given up their Twitter account info, they'll be sent to a fake YouTube-app download message. "An update for YouTube Player is needed," the message reads while displaying an install button. If people click the button, they'll download a worm that will infect their computer and steal personal data.
"Every time you receive a direct message, you should check with the sender that they have knowingly sent it to you," Luis Corrons, technical director of PandaLabs, said in the blog post. "Make sure it has not been automatically forwarded to you from a hacked account. As a general rule, always keep your antivirus software up to date and be wary of messages offering sensational videos or unusual stories as, in 99 percent of cases, they are designed to compromise user security."
The Obama scam is a variation of one that has been spreading. PandaLabs said users receive "dozens of them every day." These are direct messages, sent along with a malicious link, such as "What exactly do you think you're doing on this video clip," "Hello this guy is saying bad rumors about u..." or "Did you see this pic of you?"
We've contacted Twitter about this security issue and will update when we hear back.