Frédéric JacobsThe Mastodon "Remote follow" feature could be so easily used to phish the average Mastodon user into signing into a fake instance.
⚠️ Important security reminder: Always make sure the URL shows your "home instance" when logging in.
BjarniBjarniBjarni 🙊 🇮🇸 🍏@fj Isn't this an area where customizing the way Mastodon looks based on a per-user cookie (something the fake site can't see) would help?