That "Don't Click" Twitter virus thing
"Twitterjacking" in the wild, an example of "clickjacking."
Effectively, the trick is you are clicking "update" on twitter and updating your status, when it looks like you are pushing a button on a totally unrelated web site.
What's happening here is a hidden iFrame is positioned on top of a button that says "don't click", on a regular web site.
The iFrame is pointing to twitter.com/home/?status=Don't Click [bad URL] - so that loads your Twitter homepage, assuming you're logged in, with the form pre-filled for your status update. Only thing you need to do now is click "update", and you will have re-tweeted the "virus."
The iFrame achieves this by positioning itself such that the "update" button overlays the button you are actually seeing in the page - however, it's invisible normally because the iframe's opacity is 0. I've edited it with Firebug to be 0.5, so you see the hidden iFrame which actually receives the click.