(C) Daily Kos
This story was originally published by Daily Kos and is unaltered.
. . . . . . . . . .



Check your passwords, y'all. [1]

['This Content Is Not Subject To Review Daily Kos Staff Prior To Publication.', 'Backgroundurl Avatar_Large', 'Nickname', 'Joined', 'Created_At', 'Story Count', 'N_Stories', 'Comment Count', 'N_Comments', 'Popular Tags']

Date: 2023-05-17

So I’m going to start by saying this diary is based on personal supposition and hunch. But since it’s best practices anyway and not about politics precisely, I’m going to go ahead and write this.



In the last few days, a user—we’ll call them Mx. Doe--whose name I’ve seen before has gotten super nasty with me. This is extremely odd, because my previous experience with this user has been as a pretty thoughtful person with some great knowledge, and while they’re not a long-time user, they have been here for a few years. We don’t always agree, but we debate and move on, you know, as two adults who are not clones of each other will do. The current spate of comments are just downright juvenile, some of them sounding outright trollish—since a lot of them have been hidden I’ll say they included many personal attacks, some of which I haven’t heard since I was in grade school. In the span of two days Mx. Doe went from near-perfect mojo to being on a timed restriction.



(I would like to pause myself here to request nobody take this as a callout or a sign they should go make a report. I have a genuine concern because this is extremely unusual behavior.)



As someone who’s seen more than a phishing scam or sixteen, I strongly suspect Mx. Doe has gotten their account phished or hijacked. There’s no way a frequent commenter would be on the site acting like this for several years and not long ago have been bojo’d. And if one person has been phished, it’s entirely possible it’s more than one person. What better way to try to upend a community? Phishing doesn’t even rely on poor infosec on the part of DKos itself—it just relies on you not noticing a teeny-tiny change in a link, like dai1ykos or dailykos.net instead of .com, and a fake login page, and game over. It’s extremely easy to miss—when I was a teenager I lost several accounts this way.



So if you’re reading this diary, now’s a good time to:



1) update your password

2) do a quick refresher on internet infosec

3) make sure your email here (and on other sites!) is correct and up to date

4) while you’re at it, do the rounds for sites like your email, bank, credit card...basically anything important to you online.



I genuinely hope the person in question is able to get their account back, if I’m correct in what’s happened. (And if I’m not correct, well, I hope whatever’s going on with them shakes out okay.) But we can prevent it from happening to the rest of us. So here’s your periodic reminder: check your links, check your passwords, don’t get caught.

[END]
---
[1] Url: https://www.dailykos.com/stories/2023/5/17/2169814/-Check-your-passwords-y-all

Published and (C) by Daily Kos
Content appears here under this condition or license: Site content may be used for any purpose without permission unless otherwise specified.

via Magical.Fish Gopher News Feeds:
gopher://magical.fish/1/feeds/news/dailykos/

You are viewing proxied material from magical.fish. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.