The Bank of Melbourne has moved to reassure customers their money was safe after its Twitter account was cracked.
The account began pumping out spam via direct messages to the banks to followers late Tuesday before it was brought under control.
It warned customers in a Tweet not to click on links sent in the messages, adding that “no customer/personal data [was] compromised.”
It said it “takes security very seriously and will be strengthening policies to further protect social channels”.
Phishing attacks are prolific over social networks like Twitter. One campaign has produced a surge of Twitter spam from hijacked accounts spruiking fake careers news stories that point to blackhat websites.
That campaign pointed to a fake news site, 77news.net, registered under what appeared to be false details pointing to a Russian address.
The registrar named as having registered the site, the Center of Ukranian Internet Names, did not respond to notifications that its customer account was used to harvest credentials from Twitter users.