Twitter users are having their accounts hacked using a username and password harvester. The elaborate clone of the Twitter website’s login has already fooled many into thinking they are logging into Twitter itself. In fact, it’s so elaborate that it will actually take you to your Twitter dashboard page. The kicker is in the URL or address that users don’t rarely notice. In a direct message or an email seeming to be from a follower on Twitter, you’ll receive an obscure message. Something like “I’ve heard a nasty rumor” or “so and so said this about you” accompanied by a link similar to http://tinyurl.com/d959wm which will in turn take you to: http://tvivviter.com/log-in/e/?&session_timed_out . Looking just at the page it seems legit but look closer at the URL.
If you fall for this trick you should change your passwords ASAP and if you use the same password everywhere you should change them all just to be safe. You may also want to let your followers know in case they have seen a message from you recently and clicked a link.