It happens when you sign the same message twice. Then the attacker can potentially start to be more able to craft a fake message to fit the signature. The more, the easier. This is another reason why using different addresses every time should be and is generally the norm with bitcoin usage, except for donation addresses. These really should be protected with signatures and issued on demand, but that then requires a hot keychain somewhere.

I think for this reason also a challenge signing protocol should have the signer add their own random value to the provided challenge in order to avoid the other end getting multiply signed identical messages.