Received an unexpected request to “confirm your Twitter account”?

On this occasion it wasn’t a phishing attack, but an accidental email blast from Twitter.

Received an unexpected request to "confirm your Twitter account"?

I’ve had a Twitter account for 13 years, so when I receive an email claiming to come from Twitter that asks me to confirm my account my automatic reaction is that it will be a scam – possibly attempting to phish my login credentials.

Twtter email

After all, why would Twitter need me to verify an account I’ve had since January 2008?

Sign up to our free newsletter.
Security news, advice, and tips.

Turns out, however, that the email really did come from Twitter and that the links did go through to Twitter’s site rather than some dodgy phishy webpage desperate to lure me into handing over my password.

A red-faced Twitter admitted that the emails had been “sent by mistake.” It’s unclear just how many Twitter users may have received the accidential messages, but there are certainly plenty of folks who seem to have been left scratching their heads or warning others not to click on the links.

Hopefully Twitter will take a close look at what went wrong, and put some measures in place to ensure that such a goof doesn’t happen again.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky, Mastodon, and Threads, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.