Is this you in this explicit snap? No, it's just Discord phishing Cybercriminals are taking an old trick to newer places: Twitter and Discord. Users of both platforms have been warned to be on the lookout for direct messages warning them that their account had been flagged for bad behavior, in the case of Twitter, or, in the case of Discord, that X-rated photographs of them have been …
I'm not sure I totally agree with that statement.
If your level of expertise is click-on-any-attachment-or-link-regardless-of-if-you-know-the-sender-or-not, then yeah, you're at risk.
But if your level of expertise is I-don't-know-you-and-I-will-not-click-that, then you're pretty much immune to that risk.
Your faith in your own infallibility will be your downfall.
I consider myself to be someone who is "aware" and "on the ball" with this sort of thing, but a number of years ago in a pre-first-cup-of-tea moment I clicked something I should have known better about on MSN messenger without thinking and sent similar spammy messages to a whole bunch of my contacts. Oops.
There is always something that could get through in the right circumstances. I consider myself clued up about various scams but I've been caught once with a dodgy PDF from a business associate I knew who I was expecting some documentation from. It didn't hurt my Linux based computer as it had Windows malware in it. Turned out my associate had been pawned by malware and everyone in his address book similarly spammed.
On another occasion while waiting for a parcel from Royal Mail I had an SMS supposedly from them saying there was a problem with my delivery and it gave a link to a website. This was before such parcel scams became common knowledge. However, it did ring a few alarm bells so I looked up the website rather than going to it, and sure enough it was flagged as hosting malware. So close to getting caught.
Just takes a moment - opened email from pain on the butt colleague, while I was thinking about them, opened link in the next email about a car with lights left on in car park.
I don't drive to work.... luckily it was a fake phishing email that out cyber security team put out.
Since then, I've reported emails - even the genuine ones asking for money for the tea fund
Yeah, hubris is tricky that way.
I lost a bet once over an auto execute exploit on .jpg files as an email attachment. That was the late 90's. Tried to keep my foot out of my mouth over the following quarter century.
We are stuck on Gmail and I still have to open a bloody message to "View Source". There have been script bugs that have slipped through their sanitation and sandboxing. On a long enough time line it will happen again.
Try a new rule of thumb on:
Do your best, but you can do everything right and still get pwned, unless you do nothing at all. Those are the only choices. The rest is out of your hands.
> Back in the day, one of The Register's own vultures was on the receiving end of one of these scams: an email blackmailing the mark into paying a ransom to prevent the leak of an explicit, compromising video that didn't actually exist.
I find this disappointing. Back in the proper "back in the day" the Reg's contributors were entertaining enough that there was very little likelihood that wasn't kompromat a plenty to be had on them.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
