Twitter asked their users to reset their passwords aster possible phishing attack. A lot of users complained that Twitter forced them to reset their passwords out of the blue. It’s not clear if the attack is legit, or if it’s the Twitter platform playing up, but either way it seems fairly serious.
In the morning, Twitter locked many user’s out of their system and sent them notices hat they need to change their passwords in order to regain access to the service, due to concerns over a possible phishing attack. It’s really a serious news if you are concerned about Twitter.
While some people are worried that the e-mails might have actually been a phishing attack, there’s a flood of tweets from users having received the same message after effectively getting denied access to their accounts, so this seems 100% legit.
When many users are logging into the Twitter web interface, they are being met by one of the following messages:
Due to concern that your account may have been compromised in a phishing attack that took place off-Twitter, your password was reset. Please create a new password by opening this link in your browser:
[PASSWORD RESET LINK].
The message adds:
As a reminder, you should be extraordinarily suspicious of any third party that offers to artificially inflate your follower count. We do not endorse any of these sites.
It seems that admins at Twitter have discovered something fishy is going on, and they’re trying to prevent further damage before it happens.
The Next Web also mentions reports that this incident has something to do with the user account @THCx, which may have gained access to a large number of Twitter accounts, possibly by abusing NutshellMail, but all of this is unconfirmed at this point.
Just yesterday, PCWorld published a report that showed social networking services like Facebook and Twitter are increasingly being targeted in cybercrime attacks.