I wouldn’t go so far as saying that anti-virus and security vendors lie to make people buy their products, but this latest scare is stretching the truth a little far. Sure, one could hide an attack site behind a tinyurl, but to say Twitter is the optimal delivery mechanism for such an attack shows a rather thorough lack of understanding.
The great thing about Twitter is that you only see information from people you choose to follow. Generally through the incidental recommendation of someone else. The only way you’re going to get a “spam” link is through a random mention, and that sticks out like a sore thumb.
The anti-virus industry has a bit of a history of beat-ups and scare tactics. They’ve even gone as far as suggesting you “must have” a virus scanner for Linux, which is about as useful as being forced to de-shoe before boarding an aeroplane.