It’s baaack. Twitter Phishing Attack spreading via Direct Message.

Here we go again. Yesterday when I received the Direct Message below, I knew we were in for yet another round of embarrassment and confusion, as Spammers take over Twitter accounts by luring the unsuspecting into clicking on bad links. This lets them take over your log-in, which then allows mass DM spamming to your friends. These attacks can be particularly disruptive to businesses using Twitter. There were a couple of particularly humiliating phishing attacks last fall, which left companies big and small red-faced and wondering how to clean up the mess with their spammed customers. (My advice: clean up, then acknowledge and apologize.)

@jeffreyrbunch: haha, u look funny on here: (evil link)

If you receive a message reading “lol, is this you”, which links to a site called “bzpharma”, please do not click the link.

The Phishing attack is spreading like the proverbial wildfire today. But if you only receive one of these Direct Messages, you’re okay. Simply don’t click on that link. But if you inadvertently click (slips do happen, particularly when checking DMs pushed to you on your smartphone), you’ll know your account has been compromised if you’re (aka Spammer) sending out a flurry of them. Best plan? Change your password immediately.

This update comes via Mashable and Laura Fitton (@pistachio). Thank you!