Relentless Twitter Attacks Focus on British Politicians

Phishing attacks have jumped on Twitter and the latest victims are British politicians. The phishing attacks lure Twitter victims to click on malicious links, and Twitter is working to reset victims' passwords. Cybercriminals sent out fake Twitter messages from the British politicians, but the ultimate goal of the phishing attacks is money.


Cybercriminals are relentlessly attacking Twitter. Over the past few days, Twitter has noticed an increase in phishing attempts and is working feverishly to reset passwords for affected accounts. British politicians are the latest to fall victim to the scams.

Twitter users who have received a direct message or seen tweets with phrases like "This you???" or "LOL is this you" followed by a link are warned not to click through, because the destination is a crafty phishing site designed to steal personal information.

"While simply receiving this message does not mean your account is compromised, if you do click through and enter your username and password, you'll want to change your password," Twitter said in a security update. "If you've received this type of spam from a friend, you may want to alert them to change their password."

British Politicians Targeted

The Twitter scams essentially take over a user's account and send out sexually oriented messages to followers. Cybercriminals hijacked British Energy Minister Ed Miliband's Twitter account and used it to distribute a racy message that mentioned his sex life. Miliband sent a tweet later that read, "Oh dear, it seems like I've fallen victim to twitter's latest 'phishing' scam."

House of Commons leader Harriet Harman said her account was also hijacked and used to send a message to opposition lawmaker Alan Duncan. The contents of the message were not disclosed. Intel U.K. and tech blogger Cory Doctorow also reported their Twitter accounts were hacked.

Money is ultimately the driver for the attacks on social-networking sites like Twitter. Criminal gangs can make money by stealing users' credentials and using their accounts to spam out revenue-generating adverts or spread malware to create botnets, according to Graham Cluley, a senior security consultant at Sophos.

Sophos' research reveals that 70 percent more people are reporting that they have been spammed or sent malware via a social network in the last year. The fact that the social networks are growing so quickly has made them immensely attractive to criminal gangs, Cluley said.

Should Twitter Do More?

"It's hard to tell how much money the hackers are making, but clearly they have successfully hijacked a considerable number of accounts that they have been using to bombard other users of the micro-blogging network," Cluley said. "Let's not forget that a password stolen from a social network might also work on other web sites. In our research, 33 percent of people admit to using the same password on every web site they access, so it's really important that people get more sensible about their password use."

Shouldn't Twitter be doing something more aggressive to protect its users? Even though Twitter said it will start resetting the passwords of accounts that have been compromised, Cluley said it probably needs to do more and take a leaf out of the books of more established services like Gmail, Yahoo and Hotmail, which have been filtering spam and malicious content from their users for years.

"We also hope that Twitter will be able to do more to warn their users about the dangers of phishing, spam and malware to prevent more attacks establishing themselves in the future," Cluley said.
