If you have been active on Twitter today, then you are likely to have noticed or heard about the mass numbers of DMs, or Direct Messages, that people are receiving.

It all started with a number of DMs going out saying “hey look at this funny blog http://rosalierebyb.blogspo…”.

twitter-phishing01

When visiting the url, users were forwarded to a Twitter login page that was not actually from Twitter.

watch_out

The whole thing was a phishing scheme meant to steal a users login information and then mass DM all their followers with the same message seen above.

The word about the phishing scheme was spread quickly and Twitter even promptly posted a warning at the top of each page right under the “what are you doing” box.

twitter-warning

The linked website in the message was quickly removed from Blogspot.

After word was spread about the initial phishing messages, the attackers quickly changed the message to say “fixed it.. hehe here is that blog i wanted to show you http://twitterblogs.access-…”

twitter-phishing02

Again the message was quickly passed throughout Twitter to avoid visiting the page at http://twitterblogs.access-logins.com/login/, and if infected to change their passwords immediately.

Unfortunately the phishing website was not taken down and people continued to attempt logging in.

Within the last hour, a mass of DMs are starting to go out again. This time they are not linking to the Phishing site, but rather an affiliate offer to win an iPhone.

twitter-iphoneoffer

Here is what the affiliate site looks like:

winiphoneoffer

It would appear that all the phishing attempts were an effort to access enough accounts to send out this iPhone offer.

What are the odds that the affiliate company is going to actually pay the affiliate on this one…