Almost a week ago, Twitter began warning its users about fake Twitter Support emails.
Since then, a couple of variants of the email have surfaced, with small differences in the text (“unreaded messages”, “information messages”). They typically look something like this:
Let’s compare it with a legitimate email from Twitter:
As you can see, Twitter uses your name in the greeting, and the subject line and the email usually contain the words “You have a direct message from X” (X being the user who sent you the message).
By comparison, the fake emails look very simple and lack details that Twitter would usually use. The emails are very generic because they are intended to fool any and every recipient.
The emails contain an embedded URL that supposedly takes you to your messages, but actually links directly to malware, which is then downloaded onto your computer.
The links have already been made inaccessible, but Trend Micro warns users to be vigilant when checking their emails.