I'm often a cautious chap. I don't tend to click links in emails - at all.
This morning I had an email that really looked like it was from Twitter. It suggested that my password had been changed due to "phishing attack that took place off-Twitter". I found myself thinking, "Sly, but not sly enough," followed by "hey, that really does look like Twitter; there's no hidden URL in the password reset".
I checked Twitter. I couldn't log in. My password really had changed.
So I copied the link to plain text, poked it some more and decided to follow it. I had to change my password. A quick check of my account shows no extra followers or people followed. It shows no extra tweets or DMs.
So why did Twitter change my password? Did anyone else get an email like this? Have they been hacked and wanted to encourage people to change passwords?
I think there are some significant drawbacks with this approach. Twitter should not be getting its users used to emails providing a password changing link. This is surely the sort of email that phishers will love to clone.
Update: The Next Web have a post suggesting a combination of the Twitter account @THCx and NutshellMail may be to blame here.
I was following @THXc and I don't think that was my decision. I don't use NutshellMail, though, so I'm still not clear how I was phished - or if I was.
I still sense there's a password leak here somewhere.
Update 2: It's unlikely NutshellMail was at fault here - as I said, I don't use it (though it does look interesting now it's on my radar). It's also worth noting that Amy, who took the screen grab, didn't talk to The Next Web about it and doesn't think it was NutshellMail either. She seems pretty annoyed by its use/misuse.