• Steve@communick.newsEnglish
    4 hours

    Users are persuaded in chats initiated by the hackers to divulge security verification and pin codes, ​giving them access to personal accounts and group chats, they said ​in a statement.

    So we’re talking about the most basic social engineering. Nothing clever or novel. The kind of thing only your grandparents would fall for these days. Solid PSA 👍

    • mjr@infosec.pubEnglish
      4 hours

      Are all these officials and journalists grandparents? Or are real people still more gullible than you’d hope?

      • lath@piefed.socialEnglish
        1 hour

        Real people are gullible in the sense that it’s way easier to notice trouble when it happens to others than when you’re at the center of it.

        The triggers for recognition change alongside perspective so it’s harder to notice something you see as a 3rd person when viewed in 1st person.

      • technocrit@lemmy.dbzer0.comEnglish
        2 hours

        No need for ageism. They’re not grandparents.

        They’re officials, military, journalists, etal. for empire. Stooges. What else should we expect?

    • WesternInfidels@feddit.onlineEnglish
      2 hours

      The kind of thing only your grandparents would fall for

      But evidently not.

      Last week I helped someone navigate their bank’s tech support to regain access to an account they’d been locked out of. I believe the bank was having some technical difficulties that they weren’t admitting to (or which the support people weren’t even aware of). Many standard approaches did not work, and we kept getting escalated. The top person we talked to eventually asked for some information that didn’t conform to the usual security question / answer format (“What year what the account opened?” for a ~50 year old account that had been opened many bank mergers ago) and wound up reading us a new password over the phone.

      This approach alarmed me, it seemed to violate some security rules of thumb that I thought I understood. But this is what the bank does, sometimes. Given the sort of nonsense that goes on legitimately sometimes, expecting the general public to understand which information flows to be suspicious of – expecting them to think in terms of information flows at all – may be asking too much. We’d all hope journalists would be more savvy, I guess, but “government officials?” Nope. I used to think “Oh, I wouldn’t fall for that” when I read stories like these, but now I’m less sure.

  • Jo Miran@lemmy.mlEnglish
    3 hours

    Russia-backed con-artists hustle officials and journalists into giving them access to their Signal and WhatsApp accounts, Netherlands warns

    Fixed

  • dhork@lemmy.worldEnglish
    4 hours

    No worries, the SecDef knows he is “clean on OPSEC”…

  • technocrit@lemmy.dbzer0.comEnglish
    2 hours

    Clickbait. Downvote.

    I guess this is an attempt to slander Signal, since Whatsapp is not even close to being secure.