The scheme is being referred to as the “Lol” scam, because it begins with a message that starts with that word.
Variants include “Lol, this you?” or “Lol, this is funny”, followed by a link to a fake Twitter login page.
Upon entering their login details, the user is shown a page saying that Twitter is over capacity, before being returned to the main site.
Of course, their details have then been phished and stolen, although they might not even realise it.
According to security firm Sophos, the spammers behind the scam are now using the compromised accounts to promote their herbal Viagra.
While Twitter says that the phishing scam is only being propagated by direct messages, Sophos states that the links are appearing in public Twitter feeds due to services such as GroupTweet.
So be careful what you’re clicking on. If you think, or you know, that you’ve fallen victim, obviously you need to change your password immediately.