I was reading this and wondering why it was posted so high (I didn’t recognize the company name), and then I got to the name at the bottom. I think the lesson here is “if it could happen to Kurt, it could happen to anyone.” Yeah, the consequences here were pretty limited, but everyone’s got Some vulnerability, and it’s usually in the junk pile in the corner that you’re ignoring. If the attacker were genuinely trying to do damage (as opposed to just running a two-bit crypto scam), assuming the company’s official account is a fine start to leverage for some social engineering.
I think you mean Kurt.
It would help if they mentioned his name anywhere in the post, title, or subtitle.
Yeah, that was definitely a pebkac on my part.
It's ok, I just couldn't pass up a good opportunity for snark!
It genuinely took me a second - I was midway through writing a very different comment. Apparently reading comprehension is not on my skills list today…
You’re right - I flagged on Thomas’s name in the signature and because I’ve seen him around here, well, forever, but Kurt is also extremely savvy.
No he's not! He got taken by this dumb phishing thing!