If you recently received an email asking you to “verify your Twitter account”, don’t worry: you are not being phishing. Twitter confirmed that it inadvertently sent a batch of emails to users of the social network asking them to reconfirm their accounts, but that the messages can be safely ignored.
“Some of you may have recently received an email to” confirm your Twitter account “that you did not expect,” confirmed the company’s support account. “They were sent by mistake and we are sorry that it happened. If you received one of these emails, you do not need to verify your account and can disregard the message. “
News of the e-mails began to spread on Thursday this week – on Twitter, of course – with uncertainty among recipients about how authentic they were. Given the regularity with which phishing attempts are made – hackers trying to gain access to online accounts by sending emails that look authentic, but are designed to steal credentials – there is an understandable degree of skepticism about any message that is supposed to be from Twitter (or Facebook, or your bank or any other organization at this stage).
This level of distrust is probably sensible at this point, of course. Users themselves are usually one of the weakest points in data security, as we can easily be tricked and click on links that we shouldn’t. In fact, suspecting emails like Twitter is often the number one recommendation from security experts.
In fact, it was human fallibility that was blamed for a Twitter hack in July 2020. This saw more than 100 accounts compromised, with the company blaming hackers targeting a small number of its employees with a social engineering tactic of phone phishing . This led to the sharing of data that could be used to persuade other employees that other false requests were legitimate.
Security experts recommend enabling two-factor authentication on your accounts when possible, something Twitter offers. Once activated, you will not only need a password, but a secondary login method – a code, a physical security key present, or a login confirmation via an application – to gain access to your Twitter account. Two-factor authentication is generally considered to be more secure when using a physical security key or code-generating application, rather than methods that send a code via SMS.
It is also worth checking which third party applications are associated with your Twitter account, as we have also seen those used in the past to explore the social network. You can find a list of connected applications in the Twitter settings – and disable those that are no longer needed or recognized – as well as a list of which devices are currently connected to your account.