Twitter users hit by more phishing and spam attacks

The phishing campaign which spread over the weekend via Twitter, stealing users account details has evolved into a series of new campaigns.

Many Twitter users are reporting that they have been struck this morning with a barrage of new direct messages such as:

hey. i won an iphone! come see how here [url removed]

and

Sign up to our free newsletter.
Security news, advice, and tips.

Wanna win the new iPhone? It's so easy and cool, I love this thing! Visit: [url removed]

Clicking on the links can take users to a website that claims that they might win an Apple iPhone if they hand over their credentials including their cell phone number. It is possible the spammers are earning a commission via affiliate links by directing traffic to these websites.

iPhone winner website

Even Twitter celebrities such as Stephen Fry (perhaps not surprising considering how many followers he has) have reported clicking on links from the earlier phishing campaigns without thinking of the possible consequences.

With typical wit the self-confessed gadget freak Fry admits that another Apple iPhone is the last thing he needs.

Stephen Fry Twitter messages

The good news is that because Twitter celebs like Stephen Fry have so many followers they can help spread warnings to other members of the Twitter community about phishing campaigns very quickly. On the other side of the coin, however, if their accounts were ever compromised the spammers would believe that they have hit the mother lode. After all, a link in a message from someone famous might be very hard for many people to resist..

Twitter is obviously concerned about the phishing and spam problem, and has added a warning on its site.

Warning from Twitter

However, the constant stream of reports suggests that there are still a sizeable number of Twitter users who do not realise that their accounts have been compromised.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.