EmailDiscussions.com - View Single Post - Necessary Security Discussion to start 2019 right

ChinaLamb · 6 Jan 2019, 08:55 PM

The problem is that even the best security researchers have found themselves phished. Yes, if you never try to log into a fake login you should be safe. But even some of the best out there after getting fooled. All it takes is one groggy morning or one instance where you are not fully paying attention.

The other issue is with dns intercept, or if someone takes over your dns and sends you to a malicious website that has a certificate and looks exactly like Google.

Or maybe your favorite VPN gets hacked and bad actors reroute you to fake login page for Google. Again all with legitimate certificates (but not necessarily Google's). How often do you inspect the certificates before you login?

6 Jan 2019, 08:55 PM	#25
ChinaLamb The "e" in e-mail Join Date: Dec 2004 Location: a virtually impossible but finitely improbable position Posts: 2,320	The problem is that even the best security researchers have found themselves phished. Yes, if you never try to log into a fake login you should be safe. But even some of the best out there after getting fooled. All it takes is one groggy morning or one instance where you are not fully paying attention. The other issue is with dns intercept, or if someone takes over your dns and sends you to a malicious website that has a certificate and looks exactly like Google. Or maybe your favorite VPN gets hacked and bad actors reroute you to fake login page for Google. Again all with legitimate certificates (but not necessarily Google's). How often do you inspect the certificates before you login?