It seems that the weekend was busy for the Twitter security team, last Saturday I saw a warning in the official account @safety that referred to a phishing attack but since I did not find victims in Spanish I let it go, I did not feel like it writing the same thing I had already written a few weeks ago about a similar attack.
But today, thanks to a notice from @Toniors, I find some cases of Hispanic users who fell into the trap, one of the messages that was circulating was the following: Hey what’s up with this bad blog thats going around about you? (short link)
Clicking loads a fake Twitter page It simulates a lost session, if the victim pays no attention to the URL (twitter) their password ends up in the hands of the attackers and similar DMs start to be sent to all their followers:
Fake Twitter page
They are quite viral attacks that in a few hours manage to infect hundreds of users. While they circulate all the time, some phishers prefer weekends when there are fewer staff to deal with these issues and users / bloggers / researchers are off guard.
If strange messages are being sent from your account, what you should do is change your password immediately! And in the future, pay attention to the links you follow and especially to the URLs where you enter sensitive data such as the password.
Another of the messages that is circulating is: I saw a real bad blog about you, you seen this? (short-link)