Security experts are warning Twitter users of yet another phishing attack aimed at stealing usernames and passwords.
The malicious tweets in question take the form of a message such as 'LOL. this is me??' or 'LOL, this is funny?', followed by a link including the term 'bzpharma.net' which leads to a fake user log-in page.
Users entering their credentials on this fake site are shown a fake Twitter 'fail whale' before being taken back to the real Twitter main page.
This means that they may not realise that their credentials have been compromised, warned Sophos senior technology consultant Graham Cluley in a blog post.
Twitter staff have said that the phishing messages are being sent by direct message only, but Cluley warned that they are also being posted in public fields.
"It appears that the messages are being shared more widely because of third-party services like GroupTweet which extend the standard Twitter direct message functionality and allow private messages to be sent to multiple users, and optionally made public," he wrote.
"As a result we have found Twitter accounts that have warned their followers about the phishing attack, only to subsequently fall victim to it themselves."
Cluley advised any users tricked into handing over their credentials to change their username and password immediately.
Sophos' latest annual threat report found a whopping 70 per cent rise in the number of spam and malware attacks taking place on social networking sites over the past year.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago