The attack, which was reported this past weekend by security blogger Chris Pirillo, appears as a direct message from one of a Twitter user's "followers," or friends. The message offers a link to another site, usually accompanied by a come-on such as "I found a website with your picture on it" or "I just won a new iPhone!"
When victims click on the link, they are taken to a site that "poses to be the regular Twitter login page, but is actually stealing usernames and passwords from the unwary," according to a blog post by Graham Cluley, a security researcher at Sophos. Once they have stolen those credentials, the attackers use the compromised accounts to send the same lure to other Twitter users, Cluley says.
Twitter has posted a warning about the phishing campaign, and the service provider has also begun blocking the known URLs of the fake site.