Sophos states that during the 3rd weekend of February 2010, phishing attacks surged to strike Twitter via hijacking its users accounts. The purpose was to disseminate spam for making money; distribute malware; and steal identities.

Brett Myroff, CEO of Sophos' South Africa Regional Distributor, states that phishing attacks have battered Twitter users by exploiting people's curiosity over the recent days, as reported by Itweb on February 25, 2010.

The security company explains that 'tweets' enquiring "This you????" and a web-link taking to a fake login page of Twitter have created much scare across the site. Consequently, the site's users are fervently searching to know more using the phrase, which has become a highly trendy subject on Twitter.com.

Myroff states that anyone, who clicks on the web-link and feeds in his details, could be giving away his Internet identity to malicious attackers. These attackers or hackers can then use the person's username, password and e-mail address to disseminate further attacks through Twitter. Additionally, they may even try out the credentials on several other websites possibly accessing the person's other Internet accounts and exploiting them.

According to Myroff, there are growing incidences of crime against social networks. During 2009, a 43% increase has been noticed in the reported incidences of people struck by phishing attacks through such websites. Moreover, the manner in which situations are developing, the figure is most likely to rise. As social-networking sites expand in magnitude and strength, hackers will be increasingly drawn towards committing offenses through them, the CEO adds.

Graham Cluley, Senior Technology Consultant at Sophos, recommended that in case any user is struck by the new attack, he should instantly reset his password, as reported by Webuser on February 24, 2010.

Finally, Twitter users are also advised to update security applications on their computers to ward off undesirable malware via the current attack and its potentially resultant system compromise.