Steve Ragan at CSO wrote: "Scammers are using Twitter as a vehicle to target people looking for customer support or asking general questions. They interject themselves into legitimate discussions, offering friendly chatter and a link that directs the target to a phishing page designed to harvest credentials.
On Twitter, someone – or perhaps a group of people – is following support accounts for large financial institutions and watching their interactions with customers. Depending on the question asked, the scammers will respond to the customer (usually after the official account has) and direct them to take 'additional' measures.
Social engineering is a powerful tool, and given the right construct it can be hard to detect or defend against. The recent phishing attempts were brought to Salted Hash's attention after they were mentioned by Sam Stepanyan on Twitter. It didn't take long to find active examples."