Twitter users were being hit on Wednesday with what seems to be the second phishing attack this week, according to security firm Sophos.

The latest attack features a message that says "This you????" followed by a link that leads to a fake Twitter log-in page, according to a blog post by Sophos' Graham Cluley. If a user provides the log-in credentials, the attackers have control over the user's account and can retweet the phishing message from that account.

Earlier in the week, a phishing attack was spreading via direct messages that were widely distributed because of third-party services such as GroupTweet, according to Sophos. Compromised accounts were then used to send pharmaceutical spam for herbal Viagra.

More: http://news.cnet.com/8301-27080_3-10459108-245.html