Got this from (allegedly) Twitter
So right off the bat I can tell for sure that it ain’t me trying to log on to that shite, but it doesn’t leave me much choice either now does it?
(red blotches mine, for privacy, and dramatic effect)
(solve the captchas to win a free tshirt!)
Removed by mod
Speaking as a security professional, this is pretty standard practice for a solid user experience. I’m rather surprised someone in a privacy community would take umbrage at this because security and privacy are closely linked. When someone attempts to steal your account, do you not want an alert?
The easiest way to get rid of this email is to delete your Twitter account.
The point of contention here is not that OP doesn’t like this kind of verification, but that he believes that Twitter is making up the sign in attempt to get OP to actually log in and report higher usage metrics in Q3.
I don’t think OP opposes 2FA, at least not from the info he posted.
There’s no way a campaign like this is going to growth users use metrics in a significant way to cheat a quarterly report
Huh, that’d be a clever trick. Too clever for muskians, I’d say.
I’m confused, it’s not actually asking you to log in. It’s saying IF you want to log in you’ll need this code right? Seems like standard 2FA practices. Am I missing something?
Of course it’s not!
Look at it like they are saying:
“Hi! Your account may be hacked. To mitigate it, you need to log in.”
I didn’t even know I had a Twitter account, and so 2FA certainly not. So as a person who never uses Twitter, to get a mail like this is a conundrum. Better log in and change that password or whatever, right? So suddenly someone who never used twitter, or apparently did sign up once some long time ago, is logging in for the first time in ages.
Corporate: “See, users are coming back to our platform!”
Then again, it could be a phishing attempt, too, but either case is un-good. Someone tried to log in multiple times over 6 hour intervals and over 2 days, so obv hacker, but still.
And of course this goes without saying:
What email client is this?
Might be Proton going off the icon’s color scheme
Is the email from twitter.com?
Man I thought I added that information, I intended to, obviously.
But either case, I’m not taking any chances. I’d never click a mail link regardless, I’d go straight to the address in another browser session to examine what’s going on.
My solid guess right now is actual hacker attempt, because they’ve been trying to log in every 6 hours or so for a day or two. I use solid passwords for everything, so hopedy hope. Not that I know what the fuck they’d use my twitter account for.