The security firm says these users, known as 'spitters', can be identified by the large number of Twitter profiles they follow that have similar names to themselves. Sophos believes that cyber criminals eventually intend to distribute spam or malware to the members they follow.
"The people creating these accounts probably found the usernames by simply using the Twitter search engine for matching names," said Graham Cluley, senior technology consultant at Sophos.
"The accounts do not yet appear to have been used to distribute spam messages, but the intention is clear. When these spam twitterers, or spitters, inevitably use the accounts, it could be solely to unleash spam, or they could try and infect users by sending messages that link to malware."
Sophos says Twitter members should block any followers they suspect of being fake and report the suspicious accounts to Twitter.
See also: Twitter traffic up 1,000 percent