We have received multiple reports that a new, convincing, and dangerous worm and phishing scam is making the rounds on Twitter. Hacked accounts are sending DMs to users and stealing their login information. In fact, one of our own has received one of these direct messages.
Unsuspecting users are receiving DMs with the following text:
If you get this DM, DO NOT VISIT THE LINK. It takes you to a replica of the Twitter (Twitter) login page where the hackers will steal your account and use it to send out more infected DMs to your friends.
If you’re one of the unlucky ones to be fooled by this worm, make sure you change your password. Also delete any tweets or DMs that have the link. If you can’t log into your account, reset the password and contact Twitter Support.
This is not the first worm to hit Twitter, but this one is especially dangerous because the login page is convincing and it is spreading via DMs from friends you trust.
When we have more information, we’ll update you with it.
Update: We contacted Twitter and they quickly got back to us. They are aware of the threat and are on the case.
We have not received this worm at the Bernays Sauce Twitter page, but we're hoping to get the chance to ignore it.