Rust

MY PERSONAL ⚠️ PHISHING ⚠️ EXPERIENCE

🖐️ Good morning everyone!
I wanted to tell you about an episode that happened to me last night in the hope that you can learn from my mistakes.

A couple of nights ago, on Rust's official Discord Server, I posted a user search message for a game or two. Last night I got an answer from a guy, we talked about the game for a few minutes, then he suggests adding us on Steam (so far everything normal), I looked for his name and find 2500 identical results … He passes me the link to his profile, so I look for (on Steam) his Steam ID which I see from the preview of the link just sent me.

🤔 The fact that I was unable to find the ID sounded strange to me but for some reason it didn't ring any bells in my brain.

🤏 Small parenthesis: I studied Penetration Testing (white hacking and so on) and Cybersecurity for a long time, followed courses and updates, studied and practiced when I was CTO of my company. In short, I thought I was the last idiot capable of falling into such a things.

After a minute without finding it on Steam, said "fuck, ok", I open its link and see the profile, I look at the address bar (thing which i do every damn time) and at first glance everything seems to be in order 🤦‍♂️, I proceed to login from the browser.

Luckily I completely confused my Steam account password and hit enter, at that moment I realized I had confused the password and a moment later the page got a bad response from the server. Alarms all over my brain, it smelled bad, I looked at the address bar and finally I noticed the wrong letter (steamcommumnity instead of steamcommunity).

Fortunately it was an old password that I used only in 2 places while for the rest (as well as for Steam) I have been using a Password Manager for years (in my case 1Password), everything changed and end of drama.

What can we learn from all of this?

I would say that the first point is: Paranoia or non-paranoia, even someone extremely attentive to these things can have moments of low attention, perhaps because we feel in a relatively safe environment and/or following an event that makes it very believable. Keep your eyes opened, always.

The second point is: Use damn Password Managers, your passwords should all be different, one for every single service on the planet. This thing is not possible except through tools that make the process comfortable and fast. There are Pw Managers that have browser extensions, mobile and desktop apps all in sync, so as to make everything immediate.

Here are a couple of useful links:
This video talks about how Pw managers work and why they are highly recommended rather than keeping our passwords in mind (it's very techy so it may not be for everyone)

This is an article that talks about Phishing in general (and prevention)
https://www.totem.tech/phishing-prevention/

Hope this could be of some help to everyone, or even just a small reminder <3

Source

Similar Guides

    None Found


More about Rust

Post: "MY PERSONAL ⚠️ PHISHING ⚠️ EXPERIENCE" specifically for the game Rust. Other useful information about this game:





Top 20 NEW Medieval Games of 2021

Swords, dragons, knights, castles - if you love any of this stuff, you might like these games throughout 2021.



10 NEW Shooter Games of 2021 With Over The Top Action

We've been keeping our eye on these crazy action oriented first and third person shooter games releasing this year. What's on your personal list? Let us know!



Top 10 NEW Survival Games of 2021

Survival video games are still going strong in 2021. Here's everything to look forward to on PC, PS5, Xbox Series X, Nintendo Switch, and beyond.



You Might Also Like

Leave a Reply

Your email address will not be published. Required fields are marked *