Heh yeah they’re getting better.
One day working in I.T. at a bank, I received an email that was formatted and written really convincingly that someone has referred me for a bigger role with a salary bump, with light/abstract details that could ‘be inferred as’ relevant to my country, sector & role. It just asked to click-through to see the opportunity-
-which popped-up a warning from the company’s I.T. security that this was a phishing testing/training email, and I’d failed.
I usually evade a phish, but this slightly-targeted one got me good.
After that I had to ritualistically double-check potentially legitimate emails from external domains, for sketchy domains/short URLs/links/tracking cookies etc, because they included vendors & 3rd party consultants or contractors we were working with.
At least (the) God(s) know scammers are bad people.
Heh.
deceiver@infosec.pub 1 week ago
I read in another article about this that he said he thought it was strange his password manager didn’t have an option to autofill on the site, but he went ahead and entered his credentials manually anyway
MangoPenguin@lemmy.blahaj.zone 1 week ago
That would make more sense than not having a PW manager, sometimes you’re just so tired out that you run on autopilot without thinking about things.
deceiver@infosec.pub 1 week ago
most definitely, and they do absolutely help, like you said. this is just another example that it could still happen to anyone if they let their guard down. major props to the way he handled the situation too