Twitter has warned users to be aware of scammers posing as Twitter employees in order to try and get hold of log-in details and other personal information.
It comes after a number of verified users on the platform, including journalists, reported receiving direct messages (DMs) which claimed their verified status had been declared as “spam” and they needed to re-register.
The messages came from accounts claiming to be Twitter Support and asked users to click on a link in the message to fill in a form to re-apply for a “blue badge” of verification on the site.
These emails might include malicious attachments or links to spam or phishing websites. Please know that Twitter will never send emails with attachments or request your Twitter password by email
“Your blue badge Twitter account has been reviewed as spam by our Twitter team,” the scam message said.
It asked users to “appeal” this decision using an online form by clicking a link in the message, warning that those who did not would see their blue badge “deleted”.
In response, Twitter said it never asks for a user’s password when contacting someone.
“We’ve heard some accounts are posing as Twitter employees, sending DMs and emails,” the company said.
“If we contact you, we’ll never ask for your password and our emails will be sent from @twitter.com or @e.twitter.com only.”
A dedicated page on the company’s online help centre adds: “Some people may receive fake or suspicious emails that look like they were sent by Twitter.
“These emails might include malicious attachments or links to spam or phishing websites. Please know that Twitter will never send emails with attachments or request your Twitter password by email.”
The UK’s National Cyber Security Centre (NCSC) advises people to consider carefully before clicking any link they are sent, unsolicited, by an organisation, and encourages people to look for tell-tale signs including poor spelling or grammar, or a sense of urgency in the messaging to try to encourage a rash decision.