"Do NOT click! —ANOTHER account-stealing hoax DM: 'Twitter is going to start charging? see this article' is FAKE," they tweeted on Wednesday.
The goal of these scammy messages is to make users follow the link to a bogus Twitter login page, asking them to log in in order to peruse the article.
Once the login credentials are entered and submitted, they are sent to a remote server controlled by the scammers, who will be misusing them to hijack the victims' Twitter accounts - and maybe other accounts as well if they have been careless enough to use the same password on them.
If you have fallen for the scheme, change your Twitter password immediately - and make it a strong one - then change it on any other account you have used it for. And this time make sure to use different passwords for all.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.