new | show | ask | jobs Github

agoodusername63 4 hours ago

Do you think that the average HN commenter has the same phishing risk as your grandpa?

They're fine.

▲

esseph 2 hours ago | parent [-]

Everybody says that until it happens to them. Every time.

▲

bigstrat2003 2 hours ago | parent [-]

Considering I'm going 40 years strong of not once falling for a phishing scam, I feel pretty confident in my assessment that I won't do so in the future. It has to be an exceptionally good phish to get anyone moderately technical to even take a second look. And even then, generally one can tell upon a second look. It's not hard to not get phished.

	▲	esseph 2 hours ago \| parent [-]
		It can be visually identical to the real domain. https://www.kicksecure.com/wiki/Unicode It's also happened with code pushes on GitHub, which didn't get caught in code review, and has compromised build processes by introducing a malicious domain that is visually identical. Sounds like a HN-type problem. https://www.knostic.ai/blog/zero-width-unicode-characters-ri...