merde@sh.itjust.works
on 01 Nov 23:57
nextcollapse
Attacks begin when users are lured into “visiting suspicious websites or click on phishing links that download malicious software onto their computer.”
🤦
Imgonnatrythis@sh.itjust.works
on 02 Nov 00:36
nextcollapse
I was lured into reading a suspicious Forbes article.
TheTechnician27@lemmy.world
on 02 Nov 01:43
nextcollapse
Incidentally, we try not to use these sorts of “Forbes contributor” articles on Wikipedia when possible. They’re effectively just blogs masquerading under the credibility of Forbes staff’s actual journalism.
That said, I don’t see anything wrong with this excerpt. This is legitimate attack vector.
Yeah, I dunno what the facepalm is supposed to be about. 99% of the rest of the world has about 1% of the tech knowledge that the average Lemmy user is going to have. These scams are wildly effective, and it's not really a matter of general intelligence as far as who falls victim to them.
LunchMoneyThief@links.hackliberty.org
on 02 Nov 04:11
nextcollapse
Years ago I might have agreed, but with digital technology having become so central to one’s daily life I find it hard to excuse those who fail to educate themselves about the very basics.
QuadratureSurfer@lemmy.world
on 02 Nov 06:28
nextcollapse
For me, the article makes it seem like there’s some new announcement that the FBI has put out about a newly discovered vulnerability. Turns out, the announcement is about vulnerabilities we’ve known about for a long time.
You don’t need to have advanced technological know-how to know about phishing scams. Practically every company has a boring training course you have to go through at least once a year.
I work in cyber security and they still feel the need to tell us about phishing scams, like we don’t know about 100 other scarier things.
schizo@forum.uncomfortable.business
on 02 Nov 15:23
collapse
Hell I almost got snagged by one recently, and a goodly portion of my last job was dealing with phishing sites all day.
They’ve gotten good with making things look like a proper email from a business that would be sending that kind of email, and if you’re distracted and expecting something you can have at least a moment of ‘oh this is probably legitimate’.
The giveaway was, hilariously, a case of using ‘please kindly’ and ‘needful’ which uh, aren’t something this particular company would have actually used as phraseology in an email, so saved by scammers not realizing that americans at least don’t actually use those two phrases in conversation.
Confused_Emus@lemmy.dbzer0.com
on 03 Nov 15:10
collapse
americans at least don’t actually use those two phrases in conversation
Thank you, I saw Forbes and was immediately suspicious of click bait.
EngineerGaming@feddit.nl
on 02 Nov 18:04
nextcollapse
After reading various news amd stories about phishing, I no longer think anyone is really “too smart to be phished”. Not the matter of “If”, but “Under what circumstances”.
GreenKnight23@lemmy.world
on 02 Nov 19:06
collapse
congrats! you’re the first person I’ve seen actually get what “phishing” means.
every fish can be caught, they react on instinct. same for people and links. they were made to be clicked so we instinctually click them.
EndlessNightmare@reddthat.com
on 03 Nov 03:53
collapse
Also:
The threat affects all email platforms providing web logins, albeit Gmail, Outlook, Yahoo and AOL are by far the largest
This is really just a generic article saying “be careful what you click on”
threaded - newest
🤦
I was lured into reading a suspicious Forbes article.
Incidentally, we try not to use these sorts of “Forbes contributor” articles on Wikipedia when possible. They’re effectively just blogs masquerading under the credibility of Forbes staff’s actual journalism.
That said, I don’t see anything wrong with this excerpt. This is legitimate attack vector.
It’s always being an attack vector. Phishing scams have been the oldest form of fraud from the beginning.
It’s basically the same principle that con artists have been using for decades long before the invention of the internet
Tying it to big name providers like they have a security hole in the title is clickbait at absolute best.
The domain is leased to SEO lizards larslofgren.com/forbes-marketplace/
As someone who actively defends and trains against these attacks, I still see people downloading and executing suspicious files regularly.
Yeah, I dunno what the facepalm is supposed to be about. 99% of the rest of the world has about 1% of the tech knowledge that the average Lemmy user is going to have. These scams are wildly effective, and it's not really a matter of general intelligence as far as who falls victim to them.
Years ago I might have agreed, but with digital technology having become so central to one’s daily life I find it hard to excuse those who fail to educate themselves about the very basics.
For me, the article makes it seem like there’s some new announcement that the FBI has put out about a newly discovered vulnerability. Turns out, the announcement is about vulnerabilities we’ve known about for a long time.
You don’t need to have advanced technological know-how to know about phishing scams. Practically every company has a boring training course you have to go through at least once a year.
I work in cyber security and they still feel the need to tell us about phishing scams, like we don’t know about 100 other scarier things.
Hell I almost got snagged by one recently, and a goodly portion of my last job was dealing with phishing sites all day.
They’ve gotten good with making things look like a proper email from a business that would be sending that kind of email, and if you’re distracted and expecting something you can have at least a moment of ‘oh this is probably legitimate’.
The giveaway was, hilariously, a case of using ‘please kindly’ and ‘needful’ which uh, aren’t something this particular company would have actually used as phraseology in an email, so saved by scammers not realizing that americans at least don’t actually use those two phrases in conversation.
Well now they’re gonna know!
It’s always the same people in my experience. No matter how many times they go through the training it never seems to stick.
An old time classic.
Thank you, I saw Forbes and was immediately suspicious of click bait.
After reading various news amd stories about phishing, I no longer think anyone is really “too smart to be phished”. Not the matter of “If”, but “Under what circumstances”.
congrats! you’re the first person I’ve seen actually get what “phishing” means.
every fish can be caught, they react on instinct. same for people and links. they were made to be clicked so we instinctually click them.
Also:
This is really just a generic article saying “be careful what you click on”
Sometimes I get phishing sent to protonmail. These guys think that protonmail users will be a good target for their scams? Lmao