Latest Twitter Email Phishing Scam

Fri, May 7, 2010 by

The latest phishing scam targeting Twitter users is in the form of an email message claiming to be from Twitter Support. The subject line of the fake email message starts off with the word Twit and is followed by a set of numbers. These numbers will vary from email to email. The email message claims that you have some number of “unreaded” or delayed messages from Twitter, and provides a link to supposedly check your “unreaded” messages. How nice of them! But instead the link takes you to a malicious phishing website.

There are actually two links in the fake email message, both linking back to malicious phishing websites. Don’t click on either of them! Here’s what the email looks like:

[Image: the fake Twitter “unreaded” messages phishing email]

According to Twitter Safety, Twitter Support doesn’t send emails about unread messages.

[Image: Twitter Safety tweet warning about the email phishing scam]

What Can You Do?

Here are 7 things you can do to protect yourself, and avoid becoming a victim of email phishing scams.

  • If you receive an email message claiming to be from Twitter or Twitter Support with the subject line Twit [set of two numbers here], do not open it and delete it right away.
  • If you receive an email with bad English or misspellings, it’s most likely a scam. For example, using the word unreaded instead of unread. Don’t click on any links in the email or download any attachments.
  • Don’t click on links in email messages. Always go to the site directly and log in to your account to check it out.
  • If you must click on a link in an email (for example, one that isn’t a “check your account status” type of email), hover over the link and look at what the status bar tells you. If the URL shown in the status bar isn’t for the website you’re expecting to go to, don’t click on the link. In the case of this recent Twitter scam, the URL in the status bar doesn’t link to twitter.com. Instead it links to dev.somedomainname.com.

[Image: the phishing domain name shown in the browser status bar when hovering over the link]

  • Note that the only domain name used by Twitter is twitter.com. Any URL that doesn’t start with http://twitter.com/ is not an official Twitter page. That’s not to say it’s a malicious site, it’s just not an official Twitter page, so use caution when going to these sites.
  • If you have a Twitter account, follow Twitter Safety or Twitter Spam to get the latest news about known Twitter scams.
  • Read and follow the 5 most important steps for internet security to protect your computer from these cyber crimes.
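The “hover and check the status bar” and “only twitter.com is official” checks above can be automated for a saved email body. The following is an added example, not code from the original post or from Twitter; it uses the article’s placeholder host dev.somedomainname.com in a constructed sample email and reports every link whose real target is not twitter.com or whose visible text shows a different host than the link actually points to.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit
# Constructed sample modelled on the email described above; dev.somedomainname.com
# is the article's placeholder for the phishing host.
SAMPLE_EMAIL_HTML = """
<p>You have 3 unreaded messages.</p>
<a href="http://dev.somedomainname.com/twitter/login">http://twitter.com/messages</a>
<a href="http://twitter.com@dev.somedomainname.com/">Check messages</a>
<a href="http://twitter.com/">Help</a>
"""
OFFICIAL_HOST = "twitter.com"

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs, i.e. real target vs what the reader sees."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    """Real hostname; urlsplit() discards a decoy 'twitter.com@' userinfo prefix."""
    return (urlsplit(url).hostname or "").lower().rstrip(".")

def is_official(url):
    """Strict check, as the article states it: the host must be exactly twitter.com."""
    return host_of(url) == OFFICIAL_HOST

def suspicious_links(html):
    """Return (href, reason) for every link that should not be clicked."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        if text.startswith("http") and host_of(text) != host_of(href):
            findings.append((href, "displayed URL differs from real target"))
        elif not is_official(href):
            findings.append((href, "target is not " + OFFICIAL_HOST))
    return findings
```

Running `suspicious_links(SAMPLE_EMAIL_HTML)` flags both phishing links and leaves the genuine http://twitter.com/ link alone.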

Image credits: Fake Twitter email, Twitter Safety tweets