I received an email today supposedly from Twitter.com claiming that my account may have been hacked or a victim of phishing. I was skeptical of the email. The irony is that even if this email was from Twitter, it is exactly what an email phishing bait looks like. It appears to be from Twitter, it has  a link to reset your password and if you are dumb enough to click the link, it could go to some clone site that steals your information.

Safe Handling Instructions.

After some checking I determined the email to be real. That is not to say the email you get is the real thing as yours could be a ploy made to look like this exact email. I have determined the safe way of handling this. Here goes…

1. Do not click the link.

2. Instead, go directly to Twitter.com

3. Type in your username and password

4. If it fails (which it will if the email was real), click on the “forgot” link

5. Enter your email and click “Send Instructions”

6. You will get an email in a short time with the link to reset your password.

7. Click that link and reset your password.

This method ensures that you are dealing with Twitter.com and not some phishing ploy. It is slower than clicking on the first email, but this way YOU KNOW you generated the email for the reset, and do not need to trust some random email allegedly from Twitter.

Or… you can just click the link in the first email and hope for the best!

IMHO

*******************************************************************

The body of the email:

Hey there.

Due to concern that your account may have been compromised in a phishing attack that took place off-Twitter, your password was reset. Please create a new password by opening this link in your browser:

http://twitter.com/account/password_reset?email=co*****ons@gmail.com&token=114469c2aed674b1a2514e2e496ce6e7-1271373406-agent

This will reset your password. Remember to choose a strong password that is a combination of letters, numbers, and symbols. Do not reuse your old password.

As a reminder, you should be extraordinarily suspicious of any third party that offers to artificially inflate your follower count. We do not endorse any of these sites.

Please make sure to:

• Scan your computers for viruses / malware, especially if unauthorized tweets continue to be posted in your accounts even after you’ve changed the password.
• Check the Connections page at http://twitter.com/account/connections and revoke the access privileges of any third party applications that you do not recognize.
• Avoid providing your username and/or e-mail and password to untrusted third-party sites.
• Remove any updates that you did not post personally.

You can also visit our help page for hacked or compromised accounts

The Twitter Team

Please do not reply to this message; it was sent from an unmonitored email address. This message is a service email related to your use of Twitter. For general inquiries or to request support with your Twitter account, please visit us at Twitter Support.