Bank of Melbourne's Twitter account has been taken over and used to send out direct messages designed to acquire personal information.
The direct messages, sent on Wednesday, contained a link bidding to harvest users' Twitter credentials.
The WestPac-owned bank warned its 800-odd followers of the scam with the tweet: 'ATTN: Unauthorised DMs sent bw 4-5pm today, do not click link. No customer/personal data compromised. Apologies for the inconvenience ^TT'
After apologising to customers, the bank assured them: 'Thanks for all your support. We take security very seriously & will be strengthening our policies to further protect our social channels ^TT'
Last year first direct's Twitter account was targeted by fraudsters who used it to tweet 'hey, I've been having better sex and longer with this here', and point to a link to a suspect third party site.