Joanne just received a Direct Message on Twitter from someone she follows, but doesn't actually know. It read "Hey is this you on here?" followed by a link and looked like this:
The link took her to a site that looked like Twitter and asked for her Twitter password:
If you receive a similar DM, do not click the link or enter your password.
If you have entered your password, you should change your Twitter password now.
Other people seem to be having the same problem. There also appears to be variant: hah, I think I seen u on here.
The site appears to be down now, so hopefully this scam has reached its end.
Update: The scam site is back up now. I took the opportunity to add a screen shot in the hopes that it makes it more easily identifiable, as it's a slightly different look and feel from the current Twitter design