Author

Topic: PM Phishing? ... probably catch a whale (Read 117 times)

legendary
Activity: 1919
Merit: 1230
AKA Ms-overzealous-condecsending-explitive-account
July 07, 2022, 07:01:21 AM
#4
Just to avoid duplicate thread, we can further our discussion on this other thread that was created before this one:

weird pm received

WHat he said ^^^^^^^

Topic locked.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
July 07, 2022, 02:20:44 AM
#3
Just to avoid duplicate thread, we can further our discussion on this other thread that was created before this one:

weird pm received
legendary
Activity: 2156
Merit: 2100
Marketing Campaign Manager |Telegram ID- @LT_Mouse
legendary
Activity: 1919
Merit: 1230
AKA Ms-overzealous-condecsending-explitive-account
July 06, 2022, 11:36:36 PM
#1
LOL, just got this PM from a user named:  newalias   (reported)
Guess my "entropy" is too low.  Cheesy Cheesy

Quote


MESSAGE TITLE: Security warning - scammy title, serious concern


Hi there,

you are member of DefaultTrust. Therefore, the security of your account is crucial.

However, you have a security question in place, what often means lower entropy than a secure password and maybe being easier to guess. Simplest thing I have seen in DefaultTrust was "1+1" with answer "2" was correct - I have frozen it for security. Easy questions ask for an age (try 0-99) or a birth year (try 1940-2022) or lower case initials (try aa-zz). Many questions ask for a city or a make of first car - brute force can help. And there are loads of questions for names of wife, birth names, pet names and so on. These are things that may be shared even in a post or require only your real name! The better people know the account owner, the better they know the answer!

Recommended action to take is to remove security question at all. Please get back to me stating how you improved account security. If I do not get a reply, I need to inform board administration for our all safety.

I started with whole DefaultTrust as I think the base of community should be secured first. Later, I will go for more users. Captcha is useless as I use some trick I will only discuss with theymos.

Thank you!


Jump to: