undefined | Better HN

0 pointsfoolmeonce5y ago0 comments

In cases like this it doesn't matter so much, this attack wouldn't even work over LinkedIn's web of trust.

0 comments

2 comments · 1 top-level

Galanwe5y ago· 1 in thread

Why wouldn't it? If you ultimately trusted a colleague that was phished into trusting the attacker, then you would trust the attacker to be who he claims to be.

foolmeonceOP5y ago

They would need less believable stories and to impersonate interns, subcontractors, etc.

The pattern in the attacks could be extremely brazen, like impersonation of the editor themself or a higher position colleague to resist social checks.

Pretty strange for a long term editor to have few paths to themselves within their own publisher. (Since each attempt to gain a new connection in the publisher risks someone noticing the email address is a fraud of their own company and cause revocations.)

If the attack is 100 or 1000 times less effective it is probably written off as a complete waste of resources.

j / k navigate · click thread line to collapse