I've been working with computers since the early 1980s. I have built them. Soldered motherboards. Written software. Been a Network Administrator for NASA, and on the development team for the Java programming language and VM.
I have the chops and experience. There's little about the function of computers - from the silicon to the UX - that I do not have a firm grasp of.
One hour ago, while working on resolving an internal processes issue between the Sales and Accounting departments about an invoice that was not entered properly, I got an email from another regular customer with questions about their monthly invoice.
It is the middle of the month. Invoices are due in two weeks (by Oct 1), so this is not unexpected. If there are going to be problems with invoices, they are either going to happen mid-month or two days before month-end closing.
Blah blah blah...
DeKalb County, GA sends me an email asking about the enclosed invoice.
Since I am on a Slack call with someone from Sales and our Accounting manager talking about the other invoice issue, I figure I'll pop open the email and see if we need to talk about this one, too.
The PDF they sent me has a link to their Microsoft OneDrive account, and I click it to download the file. I have to use my Microsoft Teams login to get the doc. (DeKalb County and my company are both Microsoft shops, and SharePoint and Teams are used HEAVILY with all the built-in functionality, like file sharing via OneDrive.)
I type in my username and password to authenticate and download the invoice from their shared drive...
... and Google Chrome pops up a message that says, "Hey idiot, you just entered your credentials into a deceptive site." And then gives me an option to "Ignore" this message, or open up my Password Manager and "Check Passwords".
Having just granted some Russian hacker full access to my computer - and all of my company's internal documentation, payment systems, code bases, etc. (I have access to EVERYTHING) - I freeze. Click NOTHING.
Switch to Slack and ping my Security Dude.
He locks my account. We change my master password, and I confirm the new password with my physical Security Dongle (that generates a unique 6-digit one-time-use code), to reset my account and all my passwords throughout the company.
--- breathe ---
Everything is fine. Nothing was compromised except my password, and the password was only compromised for 2.5 minutes, and was never used to access our systems. It is a totally unique password and I do not use it anywhere else.
So there was no breach.
If Google had not popped up this message:
I would literally not know I had given up my credentials to an untrusted third party.
This shook me. I've NEVER fallen for one of these before...
(Fuck. Still can't get images to show in Hubski...)