One would think the notification that a site wants to post on an individual's Twitter feed to be so important that it would be highlighted in red, and might be accompanied by the sound of sirens in case the individual is suddenly struck blind. Alas, that's not the case. The exact phrasing is this: "The application would like the ability to access and update your data on Twitter." It's not even made explicitly clear that the app might post messages.

At the present time it appears the scam no longer works; either the malicious Website is offline, or clicking through to allow permission for connection causes Twitter to explain that the required token is no longer valid.

However, should you find yourself hit with this malware or something similar, the first step is to remove the connection. You can do this by visiting Twitter.com, clicking on your username at the top right, and then clicking the Settings link.

On the page that appears, click the Connections tab and find the app in the list. Then click the Revoke Access button.

You can prune your Twitter feed of the malware messages by going to your list of Tweets (click Home and then the Your Tweets link), and hovering the mouse over the message until a Delete option appears. Run a full virus scan just in case--and while that's completing, it might be a good idea to tweet that you've been infected, but that everything is now cleaned up.