Sure, but an average user is not going to know to check for the URL protocol. It’s still incredibly effective for phishing
Sure, but an average user is not going to know to check for the URL protocol. It’s still incredibly effective for phishing
You’ve got half of it. The hacker’s server is acting as a middleman for the real login page. Everything appears legitimate except the URL will be wrong and if you use a password manager, it won’t auto-fill
They access the legit login page and forward it to you, but they’re in the middle capturing everything you send.
When you enter your login details, they will record them and then forward them to the real login window in near real time, effectively logging in as you. They then have a legitimate session token which they can use to access your account without needing to re-authenticate.
An attack using this tool does require that the user actually logs in, but because they’re just acting as a proxy for the real login page, the only way you’d spot the difference is if the URL doesn’t match (or that your password manager doesn’t auto-fill)
However, it’s pretty easy to see that someone would be fooled by that as you’d expect to need to confirm your identity when adding a gift card to your steam account.
Typically, with scams like this, the attacker is using a tool like Evilginx.
The way this works is that Evilginx runs on a server that the hacker controls and will request the login page from whatever service they are targeting(Discord, Steam, Google, etc) and then serve it to you as a proxy. It looks entirely legitimate unless you make sure to very closely check the URL.
Once you login, it will take a copy of your Username, your password, and your session token(the thing that lets Discord know it’s you so you don’t need to login again after every refresh). and suddenly the attackers now have access to your account to do whatever they want with it.
Discord should absolutely prevent modifying links in this way specifically for this reason, but good practice as a user is to hover over every link and make sure it’s pointing where it’s supposed to. Don’t click on anything that looks suspicious.
Sometimes people do the right thing for the wrong reasons.
This is one of those weird things that venture capital does sometimes.
VC is is injecting cash into tech right now at obscene levels because they think that AI is going to be hugely profitable in the near future.
The tech industry is happily taking that money and using it to develop what they can, but it turns out the majority of the public don’t really want the tool if it means they have to pay extra for it. Especially in its current state, where the information it spits out is far from reliable.
believe it or not, jail.
I miss when viruses were fun instead of extortionate
I tend to just check uptime before asking this question.
If I see the machine has been up for weeks and they tell me they rebooted it, I know i’m dealing with someone who doesn’t know that pressing the power button on the monitor doesn’t turn the computer off.
While many of the CVEs are filed in good faith by responsible researchers and represent credible security vulnerabilities, a recently growing pattern involves newbie security enthusiasts and bug bounty hunters ostensibly “collecting” CVEs to enrich their resume rather than reporting security bugs that constitute real-world, practical impact from exploitation.
Oh, this is once again HR’s fault
With removable batteries is that there is actually a legitimate reason for getting rid of them, in that it’s much harder to waterproof a device with a removable battery.
I’d still like to see the option available, but I can at least understand why it’s not from a practical standpoint. The only reason carrier locks exist is to increase the cost of change for the end user, making them less likely to switch providers.
How is Photoshop different from Gimp?
Photoshop is a subscription-based graphic design and photo editing program with a large catalog of advanced features that go beyond simple photo retouching. It’s the go-to tool for experienced photographers, graphic designers, web developers, and film editors. But at the same time, its tools are approachable enough for beginners and hobbyists looking to tweak images for work or create artwork in their free time.
Okay cool, that’s all technically true or unverifiable. What makes Gimp different, Adobe?
It depends on the plastic and the acid involved.
Most plastics are unreactive with most acids. Sometimes, like with Hydrofluoric acid, it must be stored in plastic, because it can dissolve glass.
Its the best when you buy an LP and get a download code for the album as well.
I listen to LPs mostly when I want music to be the primary thing im doing. There is a whole ritual involved with putting a record on. Whereas, sometimes I just want to listen to something while I’m doing dishes or driving, and then playing an MP3 over a Bluetooth speaker from my phone is just infinitely more convenient.
Should the machine’s operating system be calculated in the storage too?
I’m positive that David Cronenberg had no idea what a video game was when he made that movie
Yes, but its rare, and even more rare will I buy something.
If I see an ad for something that im actually in the market for, and I want to support the person that runs the page or presents the video, and I know that the person is going to get a kickback if I decide to spend money, then yeah, I’ll click their referral link and shop around.
Honestly, I’d just throw a decent furnace filter on the intake side of a box fan. Its cheap, effective , and you can easily replace the filter once it gets too grimy.
I like #B00B69. Not only for the name, but also because it’s a really nice magenta color