a thoughtful web.
Good ideas and conversation. No ads, no tracking.   Login or Take a Tour!
comment by bhrgunatha
bhrgunatha  ·  1287 days ago  ·  link  ·    ·  parent  ·  post: I just got hacked

I remember seeing a tweet from someone in a similar situation to yours who showed a really sophisticated phishing scam that used some obscure technique to essentially hijack a legitimate google url.

I wish I could find it because I'd always thought I was immune to pretty much any phishing attack and now I'm wary as hell.

Still, glad to see there's no lasting damage.





goobster  ·  1287 days ago  ·  link  ·  

The hack process is so familiar with my normal everyday usage of MS products...

A coworker click a really simple "Share this!" button in an MS Office 365 product, to share a file with you. Easy, right?

So you click the link and are taken to the web page...

... oh, but first you need to authenticate your login name and password to this OTHER instance of Microsoft Office 365, because it's not federated to the same MS Office 365 instance you are currently logged in to...

... and then once you log in, it loses track of what you were trying to, so you go back to the original link the person sent you in email, click it again, and then you get into the system to download the file they wanted to share with you.

And this is the normal process for sharing a file via Microsoft's oh-so-helpful tools!

You literally go through about 7 different redirect web pages, all lightly branded with MS logos and verbiage, before finally having to re-do the initial action, because MS has redirected you so many times even they don't know what you were originally trying to do.

So you do it again.

Now, a hacker only needs to gain control of ONE of those redirects, duplicate the generic design of a bunch of generic MS pages, and even a savvy user like myself has NO IDEA that the URL changed in mid-redirect to some nefarious nogoodnik's page, and has now stolen your login credentials.

God I hate Microsoft's software...