Your Online Timer survey scam spreads rapidly on Twitter

More rogue applications are catching Twitter users off their guard today, helping scammers earn money by spreading links that point to online surveys.

Following other attacks this weekend, which saw users spreading messages about a girl who killed herself and how addicted they were to Twitter, new messages are appearing on Twitter claiming to count how long users have been members of the tweeting service:

I have spent 379 days, 9096 hours on Twitter. How much have you? Find out here: [LINK]

The amount of time shown differs between users, so you may see different numbers.

The messages, posted by an application called “Your Online Timer”, include a link which – if your Twitter followers click on it – will encourage them to authorise “Your Online Timer” to access and update their Twitter accounts as well.

Twitter rogue app

As we’ve discussed before, you should always think very carefully before allowing unknown apps the ability to access your social networking accounts.

But if you do make the mistake of approving this particular application, you will be taken to a website which claims it will find out the time you have spent to date on Twitter.

Online survey

Regular readers will recognise the so-called “11.6 hours” scam we saw spreading rapidly on Twitter earlier this month – and sure enough this scam shares a lot of similarities with it.

The page pops up a survey (when I tested the link it said there wasn’t a survey available in my country, but your experience may differ), which earns the scammers money for each questionnaire completed.

Meanwhile, behind the scenes and without your explicit approval, your Twitter account has been updated with a status update – spreading the link virally to your Twitter followers:

Status update from rogue application

Affected users should revoke the application’s access to their Twitter account immediately. You can do that by entering Settings/Connections and revoking the rights to the relevant application.

Revoke application permissions on Twitter

Sophos is in contact with about closing down the offending link, but it’s always possible that the scammers will use other links and other names for their rogue applications. So be on your guard and always think twice before allowing a third-party app to have access to your Twitter account.
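Because the link and the application name can change, anyone filtering for this scam is better off keying on the wording of the status update itself. The following is an added example, not code from this article or from Twitter: it matches the message template quoted above with any day and hour counts, then groups hits by posting application so the affected accounts and app names can be listed for revocation. The `user`, `app` and `text` field names and all sample statuses are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Template of the status update quoted in the article. The day and hour
# counts differ per user, so they are matched as numbers, not literals.
TEMPLATE = re.compile(
    r"i have spent\s+(?P<days>\d[\d,]*)\s+days?,\s*(?P<hours>\d[\d,]*)\s+hours?"
    r"\s+on twitter\.\s*how much have you\?\s*find out here:?\s*(?P<link>\S+)?",
    re.IGNORECASE,
)

def match_scam(text):
    """Return (days, hours, link) if text follows the scam template, else None."""
    # Collapse whitespace so line breaks or double spaces do not defeat the match.
    m = TEMPLATE.search(" ".join(text.split()))
    if not m:
        return None
    days = int(m.group("days").replace(",", ""))
    hours = int(m.group("hours").replace(",", ""))
    return days, hours, m.group("link")  # link is None if the tweet was truncated

def summarise(statuses):
    """Group template hits by posting app: {app: {"users": set, "links": set}}."""
    hits = defaultdict(lambda: {"users": set(), "links": set()})
    for s in statuses:
        found = match_scam(s["text"])
        if found:
            hits[s["app"]]["users"].add(s["user"])
            if found[2]:
                hits[s["app"]]["links"].add(found[2])
    return dict(hits)

# Constructed sample statuses: users, the second app name and the
# example.invalid links are made up; only the wording comes from the article.
SAMPLE = [
    {"user": "alice", "app": "Your Online Timer",
     "text": "I have spent 379 days, 9096 hours on Twitter. How much have you? "
             "Find out here: http://example.invalid/a"},
    {"user": "bob", "app": "Timer Check (constructed)",
     "text": "I have spent 12 days,  288 hours on Twitter.\nHow much have you? "
             "Find out here: http://example.invalid/b"},
    {"user": "carol", "app": "web",
     "text": "I have spent hours on Twitter today, send coffee"},
    {"user": "dave", "app": "Your Online Timer",
     "text": "I have spent 1,024 days, 24,576 hours on Twitter. How much have you? Find out here:"},
]

if __name__ == "__main__":
    for app, info in summarise(SAMPLE).items():
        print(app, sorted(info["users"]), sorted(info["links"]))
```

Every user listed under an application name in the output is an account that should revoke that application's access.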

If you’re on Twitter and want to learn more about threats, be sure to follow me at @gcluley.

Hat-tip: Credit to F-Secure’s Sean Sullivan who identified that the same user who was behind the “11.6 hours” scam appears to also be the originator of this latest attack.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.
