part of a “sophisticated phishing campaign”
read: Cheryl in accounting typed her credentials into a random form.
Email: “Hi, this is IT. It looks like your password is expired. Please change your password by clicking this link. Ignore the weird from address and the fact that the link obviously goes to a noncompany website. We’re really from your IT department. Promise!”
Way too many users: “Yup. This looks legit. Better coick that link and enter all of my information right now!”
“Hi Karen , this is HR. You can now log anonymous complaints about IT, by logging into this external website with your company credentials. We provide this for your security because IT is able to monitor in network communication.”
You guys are killing me! I know so many people who get their Facebook profiles hacked like this. It just cracks me up because it seems silly to fall for. It always looks wrong and the address is ridiculous.
on some level, scammers are deliberating targeting the easiest marks. If you send out millions of phishing emails, you’re looking to catch a dozen or so of the least tech savvy people you can.
That’s true cast, a big net I guess.
There are legitimate third party services for company to receive anonymous ethics complains, or to poll employees pseudo-anonymously.
If done well it’s not using the company credentials.
But it would indeed a sneaky way to fish employees.
Wo wow wow I thought it was a hoax! Looking forward to reading the leaks
Spez won’t agree to the API demand, because it’s a matter of ego and credibility for him now. His whole big shot tech-bro CEO shtick depends on ramming this through, like his hero Elon.
So I guess we’ll see if there’s anything interesting in the corp data…
So I guess we’ll see if there’s anything interesting in the corp data…
My guess is it’ll get sold, not made generally public.
I’m too naïve. Who else would be interested in that kind of data…? It’s not personal details and profiles, right? I guess I’m disappointed that if you are right, the public will never see who they shadowban or whose github got trolled.
I just wanted the goss, but I’m no millionaire. :(
Spez you dumb ass. He needs the 0hishing training emails.
Talk about timing geez.
The company falling victim to phishing should be pretty damned embarrassing to them.
Part of me wants to go to Reddit to post my dick pics in every forum. “Post your dick and/or boobs for great Justice!”
Take off every bra!
Let’s do that in Lemmy instead!
well that sucks