Matt BlazeJan 21, 2024
Fascinating - iMessage phishing now includes specific instructions to get around iOS Lockdown Mode restrictions.
Show threadpcbeardJan 22, 2024

@mattblaze the domain is enough to stop one in one's tracks. I usually look up domains to see who registered them, but that information is getting harder to come by these days:

https://www.internic.ca/Whois.aspx

Internic.ca - WHOIS

We have everything you need to build a safe and secure website. Enhance your brand online today with Internic.ca.

Show threadDragonFlame
@pcbeard @mattblaze
Not if you are older and non techy and have no idea what a domain even is.
Jan 22, 2024 at 10:41pmWeb
Show threadpcbeardJan 22, 2024

@RHW @mattblaze of course. That’s why we have to teach non-technical people how to cope with phishing. I wouldn’t expect non-technical people to know about whois searches. If a web address doesn’t end with .gov but purports to be from USPS, that’s a valuable red flag. The other difficulty is typo squatting. Not every URL points where you think it does.

https://en.m.wikipedia.org/wiki/Typosquatting

Typosquatting - Wikipedia

Show threadMatt BlazeJan 22, 2024
@pcbeard @RHW Or perhaps we should design systems where hopelessly esoteric, useless "education" like this isn't required to use technology safely.
Show threadpcbeardJan 22, 2024
@mattblaze @RHW you’ll get no argument from me on that point. This is just the current world we live in.