A Twitter worm is behind a new, fake antivirus campaign now in the wild. The attack, which was first spotted on Thursday, tweets a single, malicious link. Clicking on the malicious link sends users to one of various domains which feature an HTML page. From here, users are redirected to pages which hawk fake AV, aka scareware. The graphical user interface of the rogue AV software shows up in the operating system’s default language. Twitter is aware of the attack and is working to block it.”]
Source: https://www.darkreading.com/attacks-breaches/twitter-worm-unleashes-fake-av-attack