A Tumblr spam application is tricking users into giving it access to their blogs by promising users they can find out who’s viewing their sites.
The application ProfileStalkr requires users to give it “read and write” access using Tumblr’s application access settings, with the promise of allowing users to see what other Tumblr users have viewed their account and how many times.
Instead, once the application has access, it begins to randomly post survey spam to their accounts.
As Tumblr user lewdis has recently discovered, it takes a lot more than just changing your password and clearing your browsing history to fix this problem. You must go into your blog setting and revoke access to application under the apps section.
Since June, Tumblr has been the target of at least nine different spam and malware schemes, according to GFI, a web security organization.
Similar scams have been popular on Facebook and Twitter with users granting access to applications promising to tell them who has viewed their profile. Although such applications don’t actually work, and are routinely blocked by Facebook and Twitter, they are still in high demand.
The Daily Dot has reached out to Tumblr for a comment.
Photo via GFI