If you’ve got a Twitter account you’ll want to be extra suspicious of any goo.gl links for the time being. A new worm has been found posting shortened url links through unsuspecting Tweeters’ accounts to bring traffic to a bogus antivirus website.
The link brings you to the website of Security Shield, a malware program (Trojan/FakeAV-CMG) masquerading as PC security software.
Twitter’s Safety account released an update claiming Twitter is “working to remove the malware links and reset passwords on compromised accounts.”
If it appears somebody has been using your account to post the links without your permission, change your password ASAP, remove the tweet with the link and maybe take a sec to post a “heads up” to your followers. More importantly, if you’ve given somebody permission to post these links – or any spam or links to malware – using your account, please kindly erase yourself.[Kaspersky, Sophos]