Twitter mobile blogging users are being tracked by spammers and malware spreaders.
IT security firm Sophos said the "spitters" were using suspicious accounts to build up databases of contacts in order to spread their spam messages.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
These spam accounts are recognisable as they tend to follow very large numbers of similarly named Twitter profiles.
A video demonstrates how Sophos consultant Graham Cluley was alerted by a Twitter account that was also following more than one hundred other users, all with user-names containing "Graham" or "Honda".
"The people creating these accounts probably found the usernames by simply using the Twitter search engine for matching names," said Cluley. "The accounts do not yet appear to have been used to distribute spam messages, but the intention is clear.
"When these spam twitterers, or 'spitters', inevitably use the accounts, it could be solely to unleash spam, or they could try to infect users by sending messages that link to malware. The best advice is to block suspicious followers right away."
To reduce the risk of being exposed to malicious activity on the micro-blogging service, Sophos recommends that users observe these security tips:
1. Block followers that you suspect of being spam accounts or "spitters"
2. Report suspicious spam accounts to Twitter by sending a message to the "@spam" account
3. Do not click on any links in Twitter updates or messages from suspicious user accounts - they may lead to malware-infected websites
4. Be wary if you are asked to re-enter any login details - Twitter users have had their passwords phished from them by being taken to bogus websites. Even Stephen Fry, one of Britain's most popular Twitters, admitted he was fooled into clicking on a dangerous link designed to steal his information
5. Choose a non-dictionary password - a Twitter staff account was recently hacked when the password "happiness" was guessed - giving hackers access to celebrity Twitter accounts