According to Sophos’ 2010 Security Threat Report, there has been a dramatic rise in attacks on social networks in the past year. So reports this morning from a number of Twitter users claiming they’ve received an e-mail from the company asking them to reset their password after a suspected phishing attack are certainly cause for concern — either because they have indeed fallen victim to a phishing attack or because they’re about to fall victim to one by following the e-mail’s instructions.
Certainly, it’s difficult to determine if the e-mail is genuine. After all, its subject line is “Please change your twitter password” and conventional wisdom is to never click a password-reset link in an e-mail. That said Twitter users who’ve received it and followed its instructions have regained access to the service after being locked out.
So, if you’ve received such an e-mail, tread carefully.
As of this writing, Twitter has not commented on these reports on its blog or status page — though that doesn’t necessarily mean anything. In any event, I’ve asked the company for an explanation and will update here if and when I receive one.
[Image credit: Andrew R.H. Girdwood]
Buy This Item: [Click here to buy this item]