I thought the whole /point/ of the BB is to educate on human
gullibility. Admittedly on a slightly different topic, but apparently
it's effective. Hurrah.
On 13/12/2016 14:13, Ian Tickle wrote:
Clicking a link to a bogus PDF would have the same effect as clicking
the PDF itself, i.e. the goal is to get you to what's made up to look
like a login page for Googledocs or whatever, but actually steals your
login details. So although it's true that blocking PDFs would stop
this particular hack it's not a general solution. To be absolutely
sure you would also have to block all WP documents, as well as _any_
link in an email.
It's not clear why the scammer in this case even bothered sending a
PDF, he could equally well just have sent a link. Maybe he thought
seeing an actual PDF would lend it some authenticity (though for me it
just rings alarm bells).
Sadly, as with all 'social engineering' scams, the only real solution
is user education, but unfortunately there's no easy fix for human
gullibility!
Cheers
-- Ian
On 13 December 2016 at 13:50, Jon Agirre <[email protected]
<mailto:[email protected]>> wrote:
Better.
Article requests can always be dealt with off list, unless they're
open access, in which case providing a link would be a better
option for publishers, authors and uninterested recipients.
I think it's a win-win scenario.
On 13 December 2016 at 13:35, Paul Emsley
<[email protected] <mailto:[email protected]>> wrote:
Would this mailing list be better or worse if mails with pdfs
were blocked?
--
Dr Jon Agirre
York Structural Biology Laboratory / Department of Chemistry
University of York, Heslington, YO10 5DD, York, England
http://www.york.ac.uk/chemistry/research/ysbl/people/staff/jagirre/
<http://www.york.ac.uk/chemistry/research/ysbl/people/staff/jagirre/>
+44 (0) 1904 32 8270
