From 4bbe88398c2005afcd152a119fbbf073f8a3421a Mon Sep 17 00:00:00 2001 From: Lukas Vacula Date: Sun, 7 Apr 2024 18:50:56 -0400 Subject: [PATCH] new posts --- content/posts/2024/04/20240406/index.md | 41 ++++++++++++++++++++ content/posts/2024/04/_index.md | 9 +++++ content/shortnotes/sudo-for-windows/index.md | 10 +++++ 3 files changed, 60 insertions(+) create mode 100644 content/posts/2024/04/20240406/index.md create mode 100644 content/posts/2024/04/_index.md create mode 100644 content/shortnotes/sudo-for-windows/index.md diff --git a/content/posts/2024/04/20240406/index.md b/content/posts/2024/04/20240406/index.md new file mode 100644 index 0000000..6e0bdcd --- /dev/null +++ b/content/posts/2024/04/20240406/index.md @@ -0,0 +1,41 @@ ++++ +title = "Please Don't Dunk on Scam Victims" +# description = "" +date = 2024-04-06 +# updated = 2024-04-06 +#draft = true +[taxonomies] +tags = ["security"] ++++ + +Yesterday, a Twitter user going by the name "marsothy" (@splatatouille) posted a thread of tweets about getting caught up in a Discord scam. You can find that thread [linked here](https://twitter.com/splatatouille/status/1776311022506459564) but I'll summarize it here: +- a friend's account was compromised +- scammer poses as friend claiming that Marsothy needs to get in contact with Discord support via a specified Discord account +- having Marsothy change their Discord account's email address +- asking for banking information +- asking for a money transfer via Venmo + Bitcoin +- Marsothy is locked out of their account + +I've had one person DM this to me, and another group I'm part of post about it. +The general consensus was "this person was very dumb". +And yeah, to an extent, he was. +Having to share your bank account information or sent money via crypto is really clear of a scam and I'd like to believe that I wouldn't fall for something like that. +But some of it tilted the scales in the scammer's favor. + +It's important to note that: +- Marsothy had just woken up (so probably not thinking straight) +- Marsothy had never heard of this kind of scam. + +Scammers prey on you not thinking rationally. +If you got a text from your [mother/close fiend/amicable ex-lover] using a semi-verified way of knowing it was them (like phone contacts) shortly after waking up, you'd probably not think as much about "who is this" versus "how can I help". +I used to construct social engineering campaigns professionally (and under legal contracts that gave me permission to do so). + +They also prey on people now knowing about scams. +Yeah, this one might have been less believeable once it got the the bank account stage. +But **it's a good thing to share knowledge of scams** even if it's embarrassing. +We need to stop dunking on people who share that they fell for a scam. +I applaud Marsothy for sharing this with the world. + +I leave you with two of his tweets from after the thread had been up for a while: +> muting this, but that you to everyone who has been understanding of my situation despite the...questionable lack of judgement i had in the moment. [...] hopefully sharing will prevent more people from falling victim to this terrible scam +> everybody calling me or anyone stupid for falling victim to this kind of situation, you're really not helping anybody diff --git a/content/posts/2024/04/_index.md b/content/posts/2024/04/_index.md new file mode 100644 index 0000000..3fbf406 --- /dev/null +++ b/content/posts/2024/04/_index.md @@ -0,0 +1,9 @@ ++++ +title = "Example posts" +sort_by = "date" +template = "posts.html" +page_template = "post.html" +transparent = true ++++ + +Posts diff --git a/content/shortnotes/sudo-for-windows/index.md b/content/shortnotes/sudo-for-windows/index.md new file mode 100644 index 0000000..cc58746 --- /dev/null +++ b/content/shortnotes/sudo-for-windows/index.md @@ -0,0 +1,10 @@ ++++ +title = "Sudo for Windows" +# description = "" +date = 2024-04-07 +# updated = 2024-04-07 +#draft = true +[taxonomies] +tags = ["shortnotes"] ++++ +Over 40 years after the initial release of `sudo` for UNIX, Microsoft [is adding sudo to windows](https://www.bleepingcomputer.com/news/microsoft/the-new-features-coming-in-windows-11-24h2-expected-this-fall/). Thank you, Microsoft.