Did you receive an email asking you to confirm a Twitter account that you didn’t create?

Don’t click any links inside the email.

In their latest attempt to infect computers with malware, cyber crooks have begun spamming out fake Twitter emails asking users to confirm a non-existent Twitter account.

Here is a copy of the phishing email:

From: Twitter ([random-string]@postmaster.twitter.com)
Subject: Confirm your Twitter account, [random name]!

Hi, [random name].

Please confirm your Twitter account by clicking this link:
Please click here.

Once you confirm, you will have full access to Twitter and all future notifications will be sent to this email address.

The Twitter Team

If you received this message in error and did not sign up for a Twitter account, click not my account.

Please do not reply to this message; it was sent from an unmonitored email address. This message is a service email related to your use of Twitter. For general inquiries or to request

managed services in San Diego

support with your Twitter account, please visit us a Twitter Support.

As you can see, the bogus emails look nearly identical to the actual notices sent by Twitter upon creating a new account with one small difference: the link’s anchor text.

In legitimate notices, the confirmation link would read:

“http://twitter.com/account/confirm_email /[name]/[random-strong]”

However, the confirmation link in the fake messages read:

 “Please click here.”

Jovi Umawing, Communications & Research Analyst at GFI Labs warns that all of the links within the email lead users to malicious sites housing the infamous Blackhole exploit pack, which will attempt to exploit vulnerabilities within Adobe Reader and Adobe Flash in order to install malware on the target machine.

GFI Labs detects the exploits & malware threats associated with this attack as Exploit.PDF-JS.Gen (v), Trojan.SWF.Generic (v), and  Trojan.Win32.Generic.pak!cobra.

Related post:
Caution: Did you receive an Unexpected Google Verification Code Text?

Protect Yourself From this Attack

To avoid falling victim to this scam, it is strongly recommended that you:

  • Mouse over all email links to check the destination URL before clicking on them.
  • Keep your operating system and installed software fully patched and up-to-date.
  • Always run antivirus software and keep the virus definitions current.

If you receive the email, you can report it to Twitter using this form.

cyber security quiz for employees

Update *1/29/2019 – Twitter Confirmation Code Text Scam:

People are getting weird twitter confirmation code text scam for twitter accounts they never signed up for.

Don’t click on any links from this twitter text spam. It could possibly not be from twitter and the link could lead to malware or ransomware.

First of all it’s possible someone added the wrong phone number to sign up with twitter.
Second, some people are receiving massive spam texts from twitter. You may have never signed up with twitter and received spam texts.

Are the twitter texts coming from twitter’s short code: 40404? Twitter has used this code for several years, and it’s a common filed number under online complaints.
You have to text back “STOP” twice to finally end these spammy twitter texts.

Another reason you’re receiving twitter spam texts, Twitter recycles numbers. Mobile providers will recycle phone numbers to new customers and these people usually find themselves receiving phone calls/ texts for the previous owner.Annoying right? Twitter does the same thing.

Another final thought, someone might have tried logging into your twitter account. Someone may have your personal data. I would change my twitter password just in case.

Related post:
Caution: Did you receive a $500 Amazon Gift Card Survey?

Remove the Virus or Malware from this Attack

We can remove this specific virus remotely.

If you suspect your computer is infected with a virus or malware, Call us to have it safely removed! (619) 325-0990
We have been routinely removing this twitter malware from client’s laptops and computers.

We can even remove the virus remotely with a secure internet connection.