Piero Bosio Personal Social Web Site

A social forum federated with the rest of the world. Instances don't matter, people do.

I think I was just the target of a fairly sophisticated phishing attempt.

Uncategorized
  • I think I was just the target of a fairly sophisticated phishing attempt.

    Got a call from a toll-free number, answered it, it was somebody claiming to be from Google.

    Said they were calling about a recent attempt to sign in to my account and a ticket to change my recovery address. I said that didn't sound right, guy on the phone said he was going to send me what they received.

    I get an email, I don't look closely at it but it's an actual email from Google (1/?)

  • The guy says it looks like an OAuth app may have tried to do it and I think ok, yeah. I use "sign in with Google" all the time, there could be some rogue thing out there where maybe I granted more permissions than I should have or something.

    The guy asks if I'm familiar with OAuth and I tell them I am, I've written apps that use OAuth before. He proceeds to give me a brief spiel anyway which I found odd.

    So then I ask ok well can you tell me what app did it? He couldn't. (2/?)

  • That kind of set off alarm bells because I know from administrating Google Workspace that you absolutely can see what app did what. So red flag.

    So then he says something about he can reset my OAuth token. Like it sounded like my account has 1 OAuth token, the way he presented it. Which isn't right.

    So I say "ok well listen I can log into my account and disconnect from apps" and he said something about how it's better if they do it? (3/?)

  • So then I say look, the caller ID shows you're calling from a toll-free number and that's all it shows - I can't really verify if you're Google or not. I'll handle it. End the call.

    So then I sit down and look at that email that came in while I was on the phone. It was an authorization code to add my account as a recovery to somebody else's account.

    I'm guessing the next steps would have involved me giving that code to add my account as a recovery to somebody else's account (4/?)

  • Dude had my phone number, my name, sounded really nice and everything. Spoke professionally, no crackly audio from being in a cheap data center, nothing.

    But also - since when does Google call you? And over trying to add a recovery address? The email itself says "if this doesn't look familiar just ignore it."

    Scary stuff.
