Sample #1: “You have 4 unread message from Twitter”
Notice the poor grammar. Scammers are often located in foreign countries and English is not their native language. Poor grammar is the first tip-off of a scam.
Sample #2: “Please confirm your Twitter account”
We love this scam because the scammer, in addition to providing a fake link, felt it necessary to mislead the recipient by using two “v” side-by-side to look like a “w” –> vv Read the link carefully to see!
Sample #3: “Warning: Your inbox is full”
The link in this email points to an IP (Internet protocol) address “220.127.116.11.” If you enter this IP into a Reverse IP Lookup, you’ll discover that it belongs to a computer in Brazil. Also, notice that after the IP and forward-slash you see the tilde sign “~” (18.104.22.168/~) The tilde sign is used to denote a personal account on a server, in this case the account of a user identified as “dhilehis.”
Sample #4: “hey, someone is making up offensive things that are about you”
These folks don’t even make an effort to make the link look like a link to Twitter! Instead they hide their link behind a URL shortening service called bit.ly. Probably a malware trick.