Have you noticed unexpected Tweets by your account? Have you seen unintended DM's (direct messages) sent from your account? Maybe you observed other account behaviors you didn't make or approve (like following, unfollowing, or blocking). If so, your Twitter account is likely compromised and being used to spread what's coined "the DM virus".
If you can still log into your Twitter account, here are some steps you can take to stop spreading the virus and regain control of your account.
How the Twitter DM Virus works
A spammer hacks into someone's account that you follow and sends you a direct message (Twitter's version of an email). The DM contains a link --with a short eye-catching note aimed at grabbing your attention. Since the DM appears to come from a trusted follower ---it's often mistaken as a safe link ---but it's not.
If you have received a message like this from one of your followers it's likely that their account has been compromised by spammers, and the once your click on the infected link, you could find your account, and your identity, hijacked by the spammer. It often appears as though you were innocently bumped off Twitter, and you find yourself back at the Twitter login page. Trouble is, it's a fake Twitter page and once you input your password, you've effectively turned full control of your account over to the spammer who is now free to spread the virus to your friends.
With full control of your account, the spammer can easily change your password, your email address and your very identity with just a few keystrokes. He or she can then follow, unfollow, block, unblock, tweet and send DM's ---as well as the virus---as you.
So what can you do to fix the problem?
If someone has compromised your Twitter account, and you can still log in, follow these steps to regain control;
Sign in to Twitter. Click your username and choose the "Settings" option, and then click on change password. Input your current password, then pick and confirm a new password and click "Change." Make sure you pick a strong password.
Select the "Applications" tab. Scroll through the list of applications you've enabled access to your Twitter account. Choose the "Revoke Access" button next to any applications you don't recognize.
Create a new tweet. Inform your followers that you have recently been hacked and not to click on any links that come via DM or appeared to come from your account. Inform them, however, that you have since taken back control of your account and your account is now clean.
Delete any unwanted Tweets that were posted while your account was compromised.
Once you have completed these steps, it's a good idea to scan your computer for any viruses and malware, especially if unauthorized account behaviors continue to be posted after you've changed the password.
If your password has been changed and you can't access your account, visit the Twitter Troubleshooting page.
If you followed these steps and still have issues with your Twitter account, you can file a Support Request with Twitter and ask for more assistance
Visit Twitter's Safe Tweeting page for more information on how to avoid hacking and phishing scams.