Twitter has posted that some individuals are having problems with their usernames and passwords. I’m hearing from some sources that this is actually a result of an extensive phishing scam. Definitely don’t change your password after clicking a link in an email or direct message, and just be careful in general on Twitter for the next few days.
And, as always, if you’re about to enter your password on a website, take a look at the URL in your browser and make sure you’re actually on the right site, not some scamming or phishing site.
For those who don’t know, phishing is an attempt to fraudulently obtain sensitive information like usernames and passwords, often by looking very similar in appearance to a legitimate website you would enter that information on.
Just a few hours after posting this, I received the infamous direct message.
For the sake of posterity (or whatever), I went ahead and clicked on the link. Click below for the full version, and notice the URL is not a Twitter URL.
I went ahead and entered a fake username and password, and it sent me to the Fail Whale. So if you run into that yourself, immediately log into your account from Twitter.com and reset the password.