Twitter is warning of a new phishing scam designed to trick users into divulging their user name and password.
"We have seen a few phishing attempts today. If you've received a strange DM and it takes you to a Twitter login page, don't do it," said a posting on the popular micro-blogging service's Spam Watch feed late yesterday.
The phishing attack arrives in the form of a direct message appearing to come from a user's followers.
The message, which says 'Hi. This you on here?', is followed by a link that takes users to a site designed to imitate a Twitter login page in order to harvest the credentials.
Graham Cluley, senior technology consultant at Sophos, warned that users who have fallen for the scam need to change their Twitter passwords immediately before their account is abused.
"Furthermore, you should make sure that you change your password on any other site where you were using the same login details as that could also become compromised. And, vitally, you must not use the same password on every web site, " he said in a blog post.
"It's time to wake up about social networking threats. Hackers like to commandeer poorly protected PCs to form a botnet from which they can send spam campaigns or spread malware. And in the same way they are after compromised social networking accounts."
Microsoft claims Check Point's methodology is all wrong - figure more like five million, not 250 million
Microsoft's explanation still raises as many questions as it answers
Wikileaks dumps info on 'Brutal Kangeroo', the CIA's malware toolkit for hacking 'air-gapped' networks
CIA's Brutal Kangeroo malware suite likened to Stuxnet
Commuters less than chuffed - many fined for not having a ticket