More than 11,000 email addresses were published on Twitter over a 24-hour period, according to research.
Users had broadcasted personal details including bank account and contact details.
Geo-targeted searches by Websense Security Labs found more than 30 email addresses were shared every hour in London by business leaders, journalists and celebrities.
“Twitter users blindly think that email addresses are safe for public consumption," Websense Security Labs security research manager Carl Leonard said.
"However, by publicly tweeting your email, you're connecting it with your name, location and information on your social graph.
“Criminals can exploit this wealth of information by directing waves of highly targeted phishing attacks at individuals or businesses, masquerading as users' friends or associates to encourage them to click on malicious links."
Websense said Gmail, Hotmail and other free web-based email services are under threat because attackers could harvest social information on individuals via Twitter to break into these accounts.
It recommended using direct messages (DMs) for sending email addresses to contacts on Twitter, and to update acceptable use policies to warn employees about sharing email addresses.