• TechyDad@beehaw.org
      link
      fedilink
      English
      arrow-up
      35
      ·
      1 year ago

      Email: “Hi, this is IT. It looks like your password is expired. Please change your password by clicking this link. Ignore the weird from address and the fact that the link obviously goes to a noncompany website. We’re really from your IT department. Promise!”

      Way too many users: “Yup. This looks legit. Better coick that link and enter all of my information right now!”

      • TheOtherJake@beehaw.org
        link
        fedilink
        English
        arrow-up
        20
        ·
        1 year ago

        “Hi Karen , this is HR. You can now log anonymous complaints about IT, by logging into this external website with your company credentials. We provide this for your security because IT is able to monitor in network communication.”

        • shmushroomsh@beehaw.org
          link
          fedilink
          English
          arrow-up
          12
          ·
          1 year ago

          You guys are killing me! I know so many people who get their Facebook profiles hacked like this. It just cracks me up because it seems silly to fall for. It always looks wrong and the address is ridiculous.

          • Laneus@beehaw.org
            link
            fedilink
            English
            arrow-up
            6
            ·
            edit-2
            1 year ago

            on some level, scammers are deliberating targeting the easiest marks. If you send out millions of phishing emails, you’re looking to catch a dozen or so of the least tech savvy people you can.

        • Hirom@beehaw.org
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          There are such third party services for company to receive anonymous ethics complains, or to poll employees pseudo-anonymously.

          If done well it’s not using the company credentials.

          • argv_minus_one@beehaw.org
            link
            fedilink
            English
            arrow-up
            3
            ·
            1 year ago

            Legitimate? Anything like that is at least one of two kinds of painfully obvious trap, namely:

            1. It’s some kind of criminal operation looking to commit industrial espionage, collect credentials, etc.
            2. It’s not actually anonymous, and is in fact being used by the company to root out and get rid of insufficiently loyal employees.
      • dan@upvote.au
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        A lot of companies now configure their email security software to prepend a “this email came from an external source. Be careful!” notice to all emails that come from outside the company, to try and avoid issues like this.

  • cyd@vlemmy.net
    link
    fedilink
    English
    arrow-up
    19
    ·
    1 year ago

    Spez won’t agree to the API demand, because it’s a matter of ego and credibility for him now. His whole big shot tech-bro CEO shtick depends on ramming this through, like his hero Elon.

    So I guess we’ll see if there’s anything interesting in the corp data…

    • Fauxreigner@beehaw.org
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      So I guess we’ll see if there’s anything interesting in the corp data…

      My guess is it’ll get sold, not made generally public.

  • Stellario@pawb.social
    link
    fedilink
    English
    arrow-up
    11
    ·
    1 year ago

    Part of me wants to go to Reddit to post my dick pics in every forum. “Post your dick and/or boobs for great Justice!”

    • gk99@kbin.social
      link
      fedilink
      arrow-up
      15
      ·
      1 year ago

      Nah, reddit is taking so long with the data requests it’d probably be easier to just ask these guys.

      But seriously, this confirmation makes reddit look so much worse right now.