The scam appears to center on Twitter users' ability to direct message (DM) each other, with users receiving a message saying "you're on here" with a link to a third-party website.
Because the link uses Twitter's brand new http://twt.tl URL shortening service, many users are likely to be unfamiliar with the facility, and click through to the third-party site.
The bad news, Infosecurity notes, is that the link actually leads to a malware-infected page.
The Mashable blog portal has warned Twitter users to watch out for this type of message, saying: "If you get such a message on Twitter, do not click the link or enter your login details on the landing page."
"If you find you're sending out these DMs to friends, change your Twitter password", the site says.