Twitter Asks Users To Reset Passwords After Possible Phishing Attack

Twitter is locking many users out of the system this morning, and sending them notices that they need to change their passwords in order to regain access to the service, due to concerns over a possible phishing attack.

While some people are worried that the e-mails might have actually been a phishing attack, there’s a flood of tweets from users having received the same message after effectively getting denied access to their accounts, so this seems 100% legit.

The message, copied here by a blogger, reads:

Due to concern that your account may have been compromised in a phishing attack that took place off-Twitter, your password was reset. Please create a new password by opening this link in your browser:
[PASSWORD RESET LINK].

The message adds:

As a reminder, you should be extraordinarily suspicious of any third party that offers to artificially inflate your follower count. We do not endorse any of these sites.

We’ve contacted Twitter for more information, but for now it may be wise to change your password regardless of whether you’ve received this e-mail or not.

Just yesterday, Sophos published a report that showed social networking services like Facebook and Twitter are increasingly being targeted in cybercrime attacks.

(Hat tip to Marjolein Hoekstra)