Twitter phishing attack forces password changes

Social networking site Twitter recently instructed a number of users to change passwords after a phishing scam managed to steal the private details of a number of user accounts. Twitter said that it had blocked a number of accounts of users who have fallen victim to the scam, which is designed to steal login information by constructing a fake site or email. The exact number of users affected is said to be small, although the company did not give a specific number. "As part of our ongoing efforts to monitor our user base for odd activity, we noticed a sudden surge in followers for a couple accounts in the last five days," said Del Harvey director of trust and safety at Twitter. "Given the circumstances surrounding this, we felt it was best to push out a password reset to accounts that were following these suspicious users." The site warned users that their passwords "may have been compromised in a phishing attack that took place off-Twitter," resulting in the reset passwords. News of this attack came hot on the heels of a report from Sophos that reported social network malware rose 70 percent last year.