this post was submitted on 21 Jun 2023
119 points (100.0% liked)

Technology

37705 readers
174 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] scrubbles@poptalk.scrubbles.tech 47 points 1 year ago (1 children)

part of a "sophisticated phishing campaign"

read: Cheryl in accounting typed her credentials into a random form.

[–] TechyDad@beehaw.org 29 points 1 year ago (1 children)

Email: "Hi, this is IT. It looks like your password is expired. Please change your password by clicking this link. Ignore the weird from address and the fact that the link obviously goes to a noncompany website. We're really from your IT department. Promise!"

Way too many users: "Yup. This looks legit. Better coick that link and enter all of my information right now!"

[–] TheOtherJake@beehaw.org 20 points 1 year ago (2 children)

"Hi Karen , this is HR. You can now log anonymous complaints about IT, by logging into this external website with your company credentials. We provide this for your security because IT is able to monitor in network communication."

[–] shmushroomsh@beehaw.org 9 points 1 year ago (1 children)

You guys are killing me! I know so many people who get their Facebook profiles hacked like this. It just cracks me up because it seems silly to fall for. It always looks wrong and the address is ridiculous.

[–] Laneus@beehaw.org 7 points 1 year ago* (last edited 1 year ago) (1 children)

on some level, scammers are deliberating targeting the easiest marks. If you send out millions of phishing emails, you're looking to catch a dozen or so of the least tech savvy people you can.

[–] shmushroomsh@beehaw.org 1 points 1 year ago

That's true cast, a big net I guess.

[–] Hirom@beehaw.org 1 points 1 year ago* (last edited 1 year ago)

There are legitimate third party services for company to receive anonymous ethics complains, or to poll employees pseudo-anonymously.

If done well it's not using the company credentials.

But it would indeed a sneaky way to fish employees.