Twitter short URLs still problematic

The monthly report and analysis - written by Urban Schrott, an analyst with ESET's Irish operation - analyses some of the month's phishing attacks.

In one classic Twitter-based phishing attack, researchers found one out of every five people who accessed the malicious website provided their sensitive data.

The attack started with an email apparently from a famous Latin American bank: using classic social engineering techniques, it lured the victim into clicking on and connecting to a web page where they were required to provide their bank account data.

After analysing one of the directories, ESET's researchers found that the data files with the victim’s information were recorded on the same phishing server.

Further analysis of the text file containing the data supplied by the victims revealed that the attack was active for just over five hours.

Schrott's report says that 164 people accessed the phishing site during those hours, which indicates an average of about 30 people per hour.

Out of the 164 participants, 35 entered valid credit card data, which indicates an effectiveness of 21%, says the report.

As a result of his team's findings, Schrott advises ignoring any tweet that contains only a URL, especially a goo.gl link, even from a trusted source.

"URLs without explanatory text are usually a danger sign in email, Facebook updates and such. Of course, the likelihood is that such messages will start appearing sooner rather than later with social engineering hooks like the 'OMG, I can’t believe...' scams so commonly seen on other social network sites", says the report.

Because of these issues, Schrott's report says that people will have to learn to be more discriminating and more cautious.

 
