[FRIAM] "Drop box" phishing

glen ☣ gepropella at gmail.com
Thu Mar 23 12:12:10 EDT 2017


Yeah, I can see that if you've curated your network of people.  But I end up having to work with a network that's insufferably incuratable (including grad students who are worked to exhaustion and busyness people who can't be bothered to learn the tools they use).  If I tried what you do, I'd miss ~30% of the artifacts that are traded.

My augmentation to your process is simply to do a 2-step check on whether the corporate notification (DropBox, Google Drive, etc.) that appears in my email is also reflected in the notification box of the normal "console" for the web application (see attachment if it goes through).  If I don't recognize anything about either the email or the notification, then I won't "view" it.

It's the same process we all (should) go through for notifications from banks or credit cards... don't click on the email, go to the official page and log in normally, then look for any new notices or messages.


On 03/23/2017 08:31 AM, Barry MacKichan wrote:
> What you say is reasonable, especially since I’m frequently running VMs anyway. For now, a simple rule for me is that nobody can send me a Dropbox file without first sending an email personally or calling me on the phone. Simple and it works.

-- 
☣ glen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot from 2017-03-23 09-03-34.png
Type: image/png
Size: 18301 bytes
Desc: not available
URL: <http://redfish.com/pipermail/friam_redfish.com/attachments/20170323/28bc7359/attachment.png>

