Cybersecurity

5485 readers

76 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

Is dark web monitoring worth it? (sh.itjust.works)

submitted 1 year ago* (last edited 1 year ago) by Greenbubbleb0y@sh.itjust.works to c/cybersecurity@sh.itjust.works

9 comments fedilink hide all child comments

Last night my sister called me in a panic. She got a call from a "usbank" claiming that they managed security for her credit union on weekends (first 🚩). They listed off her SSN and other credit information to prove to her they were real. I wasn't there so I couldn't tell her that this was another major red flag. She gave them her banks account number. My other family members were there and called her credit union to check. The real bank walked her through what to do.

She didn't lose any money but came scary close to it. I've had her freeze her credit. Put up a alert on her credit. Changed all her passwords (saved in 1password). Set up token based authentication and I'm trying to convince her to use Google voice for sms 2fa.

Should she even bother with dark web monitoring or anything like that?

Edit: phone number used by scammers: 12104170000 I don't believe this is their actual number. It was likely spoofed. Be cautious before trying to scambait it

you are viewing a single comment's thread
view the rest of the comments

[–] InEnduringGrowStrong@sh.itjust.works 4 points 1 year ago

I think they meant when users have dumb patterns for their passwords like if your lemmy pwd was Evok3lemmy! and your reddit password was Evok3reddit!, etc.