A number of Twitter users have been forced to reset their passwords after a phishing attack.

Scottish blogger Andrew Girdwood was among those who reported receiving a message that states 'Due to concern that your account may have been compromised in a phishing attack that took place off-Twitter, your password was reset. Please create a new password by opening this link in your browser. ... Remember to choose a strong password that is a combination of letters, numbers, and symbols. Do not reuse your old password'.

Twitter acknowledged the password reset, describing it as a "precautionary step" but did not say how many users were affected or describe the nature of the phishing attack.

Twitter's official 'safety' account issued a tweet saying 'Got an email from us saying we've reset your password? A small # of accts seemed possibly affected offsite & we took a precautionary step'.

Previous tweets from this account offer advice for avoiding attacks, such as 'Giving out your username & password to a 3rd party site promising you more followers: not a good idea AND a violation of the Twitter Rules'.

Twitter's message to users urged them to remove any updates they did not post themselves; scan their computers for viruses and malware; and check the Twitter connections page and revoke access privileges for any third-party applications they do not recognise.

Twitter has become a magnet for computer hackers because of its increasing popularity, with reports of malware and spam on social networks rising 70 percent in the last 12 months.

Follow PC Advisor at Twitter.com/PCAdvisor

Network World

See also: Twitter hits 75 million user mark