Security experts are warning Twitter users not to click on any links posted with the message 'This you????' as they are part of the second phishing attack in a week to hit the micro-blogging site.
The new attack appears to be a follow-up to the 'LOL' attacks which struck the site over the weekend, as both use social engineering techniques and short messages sent from compromised accounts to trick users into clicking on malicious links.
Both attacks also direct victims to a fake log-in page. Users entering their credentials are shown a fake Twitter 'fail whale' before being taken back to the real Twitter main page, meaning they may not realise that their credentials have been compromised.
"It's bad enough if hackers gain control of your Twitter account, but if you also use that same password on other web sites (and our research shows that 33 per cent of people do that all of the time) they could access your Gmail, Hotmail, Facebook, eBay, PayPal, and so forth," wrote Sophos senior technology consultant Graham Cluley in a blog posting.
"So be cautious about the links you click on, choose a strong password and, if you have found that you're spreading suspicious messages from your Twitter account or believe that you have been compromised, change your passwords immediately."
Security-as-a-service firm ScanSafe released a set of guidelines yesterday outlining what to do if a social networking account has been compromised.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago