Last week we reported a new twitter phishing scam that was spreading and tricking twitter users by getting them to click on a link and provide their twitter log in credentials to a face twitter log in page. 

This week, that scam and similar variants claimed more victims including big companies and a UK government minister.  The UK's BBC, The Guardian, United Airlines and UK Cabinet Minister Ed Miliband were among the high profile victims.  There are likely thousands and thousands more. 

The scam ends up netting control over twitter user's accounts and then they spam links to your twitter feed for SEO purposes and for selling of sex enhancement products.  The scammers are likely getting a commission for every sale and could be making huge money from the scam. 

Twitter warned users on their status update blog two days ago and their main company blog only yesterday to "Avoid 'Phishing Scams".  They give an example about this specific scam where a message comes that says something like "LOL that you" or This you?.   They advise to read their Keeping Your Twitter Account Secure help article to learn more about keeping your account secure.  Also, to keep abreast of these scams to follow @safety and @spam on twitter and to check their Twitter Status Blog.

Here is a video on how the attack happens.  We hope it can help people to recognize these attacks as they will be likely coming again in the future but with different words and links.

Here are a couple of images of the hacked accounts