If Twitter tells you to change your password today, it’s not spam (well, probably not).
Twitter has been asking users just about all morning to reset their passwords on log-in because their accounts may have been compromised. Some account are posting spammy messages, so if you go to an account and see an author post some kind of amazing-deal-you-must-have right-now-but-you-have-to-click-here-HA-now-we-have-all-your-dox, just avoid it.
It’s been happening at the offices of TechCrunch, Mashable, and yes, even we here at Social News Daily have been vulnerable.
We are good now, but please don’t click the “$250 tweet” links as we were hacked. tcrn.ch/RkZA2G
— TechCrunch (@TechCrunch) November 8, 2012
By the way: Twitter? Right now? Handling it. If they believe that your account has been compromised, they will stop you upon log-in and ask you for one of three pieces of personal info: either your phone number, your email address, or your @Twitter handle.
As soon as you provide the information, you get this:
Naturally, the email will redirect you to a page where you can create a new password. I won’t ask for your old one – no, that one is lost to us.
The hack has been confirmed by multiple Twitter users, TechCrunch, and TweetSmarter, but as of the now, Twitter hasn’t posted anything about it on its blog or Twitter account.
Even though, this has all the earmarks of a phishing attempt (in fact some still believe it is one), Twitter’s official site is not allowing hacked users to access the account unless they reset the password in this method. In our tests, the new passwords do work to access Twitter accounts on the desktop and through mobile apps.
We’ll let you know if/when that changes.
Was your Twitter hacked?