A new phishing scam aimed at stealing Twitter passwords has in its sights the Internet's more mischievous denizens: hackers themselves.
"Are you looking for a way to hack your friend's Twitter account without them finding out? Interested in finding out ways to hack someone's profile? Maybe you want to take a quick peek at their direct-message inbox," the clever phishing email opens.
From there, victims are given a long "behind the scenes at Twitter" tale to build credibility.
Then it gets interesting. The phishing email includes code that recipients can purportedly use as they attempt to rifle through their friends' Twitter secrets.
Potential victims are instructed to plug in their targets' user names, their own user names and their passwords and to send it all to an email address.
That email address, of course, belongs to the hackers, who can then do as they wish with victims' Twitter login details. This could include spamming followers, perusing sensitive messages, stealing handles and deleting accounts.
Phishing scams can come in many forms and from many different directions. Always be skeptical when asked for login details or before clicking on suspect links. Make sure the URL bar displays the real login page or hover your mouse over a link to see where the link really leads.
Follow Ben on Twitter.