EDIT: Not a scam, see git’s comment below.
So I downloaded the No Thanks app, which claims to be a barcode scanner app to tell you whether a product is BDS-compliant. I heard about it after it made the rounds under the narrative of “zionists are mobbing this app with bad reviews saying it’s a scam, download it and leave a positive review!”
However, after using it I suspect it might actually be a scam app. Here’s why: if you scan a product it tells you whether it’s on a boycott list or not. If it isn’t on a boycott list, you have the option to press a button to tell them it should be. Then the possible scam kicks in: it pops open a browser window taking you to the gmail web login. Not OAuth, not opening the system mail app with a template mail, straight to the gmail web login screen where you are expected to input your username + password + 2FA. I got all the way to putting in my username + password before being prompted for 2FA and realizing what I was doing was fucking stupid. Changed my gmail password immediately afterward.
Does anybody have any info on whether this thing is legit? It seems like it would make a pretty obvious zionist astroturfing target. Also I scanned a container of tahini that literally said “Product of Israel” on the side and it said it was fine (which precipitated the above sequence of events).
Hmm, good point. I will try logging in with an unused gmail address to see what happens. I have gmail logged in in the app though so they should be able to use that right?
Depends! App developers can screw up many things