You should avoid clicking on links in direct messages that you receive on Twitter today. “what on earth do you think you are doing in our video clip?” – is the current direct message.
Twitter direct message (if Facebook link is clicked) redirects to a Facebook app that redirects to hXXp://184.108.40.206/rem.php? [hosted on Victoria, Mahe, Seychelles Ideal Solution Ltd, inetnum: 220.127.116.11 – 18.104.22.168].
Spamhaus (SBL) initially listed IP:22.214.171.124 as a DDoS botnet controller on March 5, 2012 and IP:126.96.36.199 as a money mule database used by ZeuS/SpyEye botnet masters on May 25, 2011.
VirusTotal is reporting this as a clean site (though still unrated by Sophos and Websense).