- cross-posted to:
- technik@feddit.org
- hacking@lemmy.ml
- cross-posted to:
- technik@feddit.org
- hacking@lemmy.ml
You must log in or register to comment.
Continue not answering your phone
ezpz
you don’t owe anyone instant access to your attention at an arbitrary time of day
Yeah i hate an unexpected interruption of my day for whatever nonsense. Same thing with work calls just to discuss something that requires only a yes or no question to be answered.
I like to make an exception for Lemmy though. This fediverse decentralised “”“darkweb-lite”“” stuff is cool af
Gives me child-like excitement
Checking the phone number never was useful. It is my understanding that it is as easy as sender email to spoof, but without any of the protections that exists for emails.
The only way to be sure of who you are talking to on the phone is to call back a known number.
It is my understanding that it is as easy as sender email to spoof
yup
I don’t use google workspace. Is it normal that they call you about stuff? For me that would be the first red flag and I’d just not pick up.
It is not normal to speak to a real person at Google, no
Yeah, that should’ve been the real red flag.
I have talked to a real person at google a number of times in the past related to pixel support, as well as a few other topics. But it was YEARS ago. Just like every other company, it has gotten harder and harder to speak to a real person.
A few years ago (2018?) I was on Amazon looking for shoes or something, and I used their feedback from to complain that even if I selected my size, it would show me items out of stock in that size. And someone actually called me! It was wild!
Granted, she was clearly working at an overseas contract call center because the call quality and her English were both terrible, so she couldn’t understand was I was talking about, and I didn’t actually care that much to push the issue.
One time they had phone tech support for Google music many years ago and it was surreal to talk to someone at Google
You can barely talk to someone at google if you’re a paying customer and try to call them. No way they’re calling you.
I can see why this is concerning and I applaud playing along for so long but of course the real first best practice is aint no one at google going to deal with one hacked account with a phone call. I need you to do X to do something with your account. Yeah they are admins and can take control and do what they want. They are effing google.
Why would you trust ‘important.g.co’? Even though it’s google’s own redirect URL, Google would use “important.google.com” in official communications, not fucking redirect URLs.
I believe this is done using IP rerolling. Basically; a DNS record is created by the domain’s owners to an IP address to verify its ownership. However over time, there might be reasons where the original servers loses the initial IP they were given. This is typically not a problem as long as the IP in the DNS records is updated. However if the subdomain stops being used via official means and people behind it does not delete their subdomain records from the DNS; A malicious actor could reroll their IP until they get the desired IP; and they can control that subdomain if they do.
Btw, slightly related: never abandon your old email adress.
In this day and age you need to be very careful abandoning anything in the cloud. My employer regularly contracts with HackerOne to test the security of our websites. On at least one occasion they demonstrated an exploit by creating an AWS S3 bucket with the same name as a bucket we stopped using years ago. We still had an old DNS record pointing to that old bucket if I recall correctly…
Removed by mod
