Now is as good a time as any to double check your Twitter security. The Twitter safety team is going around resetting the passwords of any account that has been affected by a phishing scam.
Twitter periodically cleans up the scams and hacked accounts that bubble up to the surface, and now they’re looking into those accounts that have been specifically targeted by a phishing scam.
A phishing scam is an attempt to gain access to someone’s account by figuring out their password. Usually, someone perpetrating a phishing scam poses as someone trustworthy – such as an official employee of Twitter or even a good friend of yours – and coaxes you into handing over your password.
This can be done by telling you that Twitter is doing routine maintenance, or that you have won a prize but they need to verify your identity. There are as many ways to phish for someone’s information as there are devious people out there.
Today, Twitter’s safety (@safety) account tweeted the following message for those affected by a DM phishing scam:
This means that Twitter will be looking into accounts that have been hijacked by a phishing scam, and resetting the passwords of those affected so the original owner can regain control. They are also asking for anyone who knows of someone who has been caught in a phishing scam to report the account.
You can usually tell when a person’s Twitter account has been hacked when they begin posting strange messages either on their public tweets or through DM that offer you a great deal, a secret video, or some other “too good/strange to be true” offer, while asking for your password.
Remember – a Twitter employee will never ask for your password. You shouldn’t hand it out to anyone posing as an employee, or even a friend or family member who asks for it. Keep your password secret, and change it regularly for the best security.