Deactivate 'Who Visits Your Twitter Profile?' Straight Away!
Over the last week or so I've started to notice a lot of Tweets appearing on my main Twitter timeline advertising a link that supposedly shows you or lets you know who has visited your profile. Sounds too good to be true?
Well as I've been a Twitter developer for nigh on a decade, I can confirm that yes it is too good to be true. It's a massive, and potentially dangerous, scam. There is no(!) way to find out who has visited your profile at all.
And if you've 'authorised' this 'app' (their website address is http://lastvisits.club/us/), then I suggest you quickly 'revolke access' to it.
Contrary to what it says on its (unsecure) webpage:
"This app cannot post on Twitter"
Well that above sentence on their website is complete and utter bullshit.
Upon clicking the 'Click here' button you're shown the permissions that you allow THEM to access on YOUR account.
If you've accepted them already, then you've given them pretty much COMPLETE AND FULL access to EVERYTHING on your account, and for the shits-n-giggles they can now easily post spam or even illegal material through your account or scrape your DMs (Direct Messages) for every single picture (yes, including that dick-pic or picture of your boob) you've sent or had the luxury, or horror in some cases, received. And there's no point changing your password either if you think you've "been hacked", as that doesn't change your 'token key'. People no longer need your username, email or password to take control of your account... it's all done with 'tokens', two tokens and two secret keys in this case.
I have reported the App, so by the time this post has gained any traction it might not be online anymore, but seriously people, please keep a check what is attached to your Twitter account.
Unsure where to look? If you're on Twitter (Desktop) then go here:
SETTINGS [AND PRIVACY] -> ACCOUNT -> APPS AND SESSIONS -> CLICK 'Who visits:)' (or could be now known as 'My last visits :):)') -> REVOKE ACCESS
It might/should be the same for Android and also iOS devices, failing that, just click here.
Stay safe folks.