After clicking a malicious link, users were sent to a Twitter look-alike page that asked them to log in. The usernames and passwords were stolen and the accounts were used to post a link hawking sexual-performance drugs, ComputerWorld reports.

Among the users who unknowingly sent out the spam message: British Cabinet member Ed Miliband and Matt Wells, head of audio at The Guardian newspaper.

Twitter can be a great place for spammers to send phishing attacks, experts say, because many links are posted using URL-shortening services such as Bit.ly. That can help hackers disguise their malicious links.

As this story shows, you can never be completely sure that something posted in a contact’s social networking profile actually came from the individual. Warn users to be careful about the links they follow from Twitter and other sites.