Some users may receive fake or suspicious emails that look like they were sent by Twitter. These emails might include malicious attachments or links to spam or phishing websites. Please know that Twitter will never send emails with attachments or request your Twitter password by email.
Find out more about Twitter Safety on our Account Security page.
Phishing scammers send fraudulent messages to a large number of people, in an attempt to trick them into revealing private information, like a password. An email or website may be disguised to appear legitimate.
It can be difficult to recognize a spoofed email as they may look very convincing or appear to come from a Twitter email address. You can check the headers of an email to find out more about the source of the message, and you should be suspicious of new or unexpected emails. Twitter doesn't send emails with attachments, and will never ask you to provide your password via email, direct message, or @reply.
What if I'm worried that someone has access to my Twitter username and password?
If you suspect your account has been compromised, you can find out what to do on our Compromised Accounts help page.
If Twitter believes your account has been hacked, we may reset the account password to prevent the hacker from misusing your account. In this case, we'll email you a secure link to where you can select a new password. Again, this link will always be on the http://twitter.com website, and we never ask you to provide your password via email, direct message, or @reply.
Why am I getting these fake emails?
Twitter doesn't send these emails. The FTC has a help page that describes some ways spammers may find your email address:
For more information about Twitter's policies on information collection, as well as disclosure and sharing, please visit our privacy page at http://twitter.com/privacy.