Users of Twitter have reported that they are receiving spam messages from their followers.

 

In the messages, users are being directed to a funny blog, a website with their picture on it or to a page where they can win an iPhone. According to Sophos, if users click-through they will get to a phishing site that is disguised as the Twitter login page, where spammers will attempt to steal their username and password.

 

Twitter co-founder Biz Stone alerted followers to the danger as his team worked on the problem, and later advised members who may feel ‘weirded out' by the incident to change their passwords and exercise caution when they reach web pages which ask them to log in to Twitter.

 

Graham Cluley, senior technology consultant for Sophos, said: “It would be bad enough to hand your Twitter username and password over to a criminal, as they could pose as you online and spread malware and spam to your friends and followers. However, as so many internet users foolishly use the same username and password for every website they access, the potential for abuse is even greater.

 

“The good news is that because Twitter celebs like Stephen Fry (who seemingly clicked on a suspicious link, but claimed that the last thing he needed was a new iPhone) have so many followers they can help spread warnings to other members of the Twitter community about phishing campaigns very quickly.

 

“On the other side of the coin, however, if their accounts were ever compromised the spammers would believe that they had hit the mother lode. After all, a link in a message from someone famous might be very hard for many people to resist.”