Have you received an email from Twitter saying that your account has been suspended? Did they ask you to re-verify your account by giving your details to a business partner?
Well, stop right there – and don’t do what the email says, because it’s a scam designed to steal your personal information and make money for fraudsters.
Naked Security reader Bayani was the first of our readers to send us a tip and tell us that they had been on the receiving-end of this particular spam campaign – but it looks as though it has been distributed quite widely via email.
Subject: Account Suspension
Twitter is currently upgrading at this time.We dont want to delete your account. Please Re-verify your account by entering your name, email, or zip by one of our business partners below
Click here to complete some free offers
Note All suspended accounts cannot be restored so please complete this offer within 2 days to avoid suspension
The Twitter Team
The emails don’t really come from Twitter, and clicking anywhere on the email (it’s actually an embedded image rather than text) will take you to survey pages which ask you to give away your personal information.
And, of course, you don’t have to be a Twitter user to have received one of these emails – although, hopefully, you’re unlikely to act upon them unless you are. :)
But if you are a Twitter user, and want to keep up-to-date on the latest security news, why not follow our team of writers? Hey, I’ll make it really easy for you – here are the links:
Follow @gcluley
Follow @chetwisniewski
Follow @duckblog
Follow @sophoslabs
Thanks for the heads up!
I received this email, but it is worded a little differently.
See this image: http://twitpic.com/5hhwph
New version of the spam that a friend recieved a few minutes back http://pastebin.com/qvMPKpM9
This one's more authentic sounding till you realize how wrong it is
1) It mentions your email address, not your twitter handle. Your twitter handle is not mentioned anywhere in the email.
2) The rule mentioned is nowhere on the rules page below it.
3) The language in which the rule is written would never ever be used in any official documentation.
4) The offers is a highly illogical diversion, someone like twitter would never ever do such a thing.
5) The offer text is again highly suspicious, why would someone have to take up an offer to avoid their account from being suspended? And they ask you to enter *some valid email address* on the offers page, huh? How would that help twitter?
6) That offer page goes through CNN. Why would twitter offer page go through CNN? Makes no sense again.