Scam Of The Week: The Evil Airline Phishing Attack

thanksajdotcom

@scottalanmiller said in Scam Of The Week: The Evil Airline Phishing Attack:

@IRJ said in Scam Of The Week: The Evil Airline Phishing Attack:

What it boils down to is Knowbe4.com is a known security source, and ML is not a well known source. I enjoy ML and learn more about security from ML than any single blog, but in the instance of sharing information with higher up managers it is much easier to have easily verifiable source.

I get that, but feel it only counts if the site was pre-validated. If it was not, then both are equally easy to validate as the thing that provides them credibility (the identity of the author) is the same.

But you're assuming that KnowBe4 was not pre-validated, and I'm telling you that given the nature of the work, it almost certainly was, and so therefore a link to KB4 direct makes more sense. Letting the boss know it was posted here first is a great after-thought, but not more important.

scottalanmiller

@JaredBusch said in Scam Of The Week: The Evil Airline Phishing Attack:

@IRJ said in Scam Of The Week: The Evil Airline Phishing Attack:

What it boils down to is Knowbe4.com is a known security source, and ML is not a well known source. I enjoy ML and learn more about security from ML than any single blog, but in the instance of sharing information with higher up managers it is much easier to have easily verifiable source.

And a thread that does not get overrun by @scottalanmiller's ego.

Just pointing out the logic that both are blogs/communities. Feeling that blog is good and community is bad is not a good security practice since it is purely an impression alone that separates the two.

IRJ

@scottalanmiller said in Scam Of The Week: The Evil Airline Phishing Attack:

I get that the person in question might already know one blog and not another. My point was that if they did, they likely didn't need a link and if they didn't, the security perception is a risk because it's not a good one.

I visit KB4 frequently. This post does not have the right tags attached to it as I mentioned earlier so it wasn't showing up where you would normally find the articles.

thanksajdotcom

@scottalanmiller said in Scam Of The Week: The Evil Airline Phishing Attack:

@JaredBusch said in Scam Of The Week: The Evil Airline Phishing Attack:

@IRJ said in Scam Of The Week: The Evil Airline Phishing Attack:

What it boils down to is Knowbe4.com is a known security source, and ML is not a well known source. I enjoy ML and learn more about security from ML than any single blog, but in the instance of sharing information with higher up managers it is much easier to have easily verifiable source.

And a thread that does not get overrun by @scottalanmiller's ego.

Just pointing out the logic that both are blogs/communities. Feeling that blog is good and community is bad is not a good security practice since it is purely an impression alone that separates the two.

And we've established that in this case, sending a KB4 link would be best practice. If citing ML as the source or at least as the place it was discovered helps drive traffic to ML, great! But get the boss the info direct from an, assumedly, pre-validated source so that it can be addressed, and then go back and worry about ML had it first, the info was found there, etc etc.

IRJ

@scottalanmiller said in Scam Of The Week: The Evil Airline Phishing Attack:

@JaredBusch said in Scam Of The Week: The Evil Airline Phishing Attack:

@IRJ said in Scam Of The Week: The Evil Airline Phishing Attack:

What it boils down to is Knowbe4.com is a known security source, and ML is not a well known source. I enjoy ML and learn more about security from ML than any single blog, but in the instance of sharing information with higher up managers it is much easier to have easily verifiable source.

And a thread that does not get overrun by @scottalanmiller's ego.

Just pointing out the logic that both are blogs/communities. Feeling that blog is good and community is bad is not a good security practice since it is purely an impression alone that separates the two.

I never once said the community was bad. As you already know I am on here nearly everyday and probably 10-15 times a day. All I said that it is better to share a the original source link for this specific instance.

I have shared specific ML threads when showing resolutions to problems before.

scottalanmiller

@IRJ said in Scam Of The Week: The Evil Airline Phishing Attack:

@scottalanmiller said in Scam Of The Week: The Evil Airline Phishing Attack:

I get that the person in question might already know one blog and not another. My point was that if they did, they likely didn't need a link and if they didn't, the security perception is a risk because it's not a good one.

I visit KB4 frequently. This post does not have the right tags attached to it as I mentioned earlier so it wasn't showing up where you would normally find the articles.

Ah, I see. What tag do you expect? Just the "knowbe4" tag?

scottalanmiller

@IRJ said in Scam Of The Week: The Evil Airline Phishing Attack:

@scottalanmiller said in Scam Of The Week: The Evil Airline Phishing Attack:

@JaredBusch said in Scam Of The Week: The Evil Airline Phishing Attack:

@IRJ said in Scam Of The Week: The Evil Airline Phishing Attack:

What it boils down to is Knowbe4.com is a known security source, and ML is not a well known source. I enjoy ML and learn more about security from ML than any single blog, but in the instance of sharing information with higher up managers it is much easier to have easily verifiable source.

And a thread that does not get overrun by @scottalanmiller's ego.

Just pointing out the logic that both are blogs/communities. Feeling that blog is good and community is bad is not a good security practice since it is purely an impression alone that separates the two.

I never once said the community was bad. As you already know I am on here nearly everyday and probably 10-15 times a day. All I said that it is better to share a the original source link for this specific instance.

I have shared specific ML threads when showing resolutions to problems before.

Sorry, yes. But the start was you said "actual blog" and I was just pointing out that this was an actual blog and the difference between the two was only perception.

IRJ

As I explained earlier, I would never use SW as a news source due to the nature of forums. Even though SW is well known.

You wouldn't send your boss an email about server 2008 r2 EOL from a post on Microsoft Answers. You would send the official Microsoft page. In this instance both sites are run by MS, but due to the nature of forums almost anyone would share the official source.

scottalanmiller

@IRJ said in Scam Of The Week: The Evil Airline Phishing Attack:

As I explained earlier, I would never use SW as a news source due to the nature of forums. Even though SW is well known.

You wouldn't send your boss an email about server 2008 r2 EOL from a post on Microsoft Answers. You would send the official Microsoft page. In this instance both sites are run by MS, but due to the nature of forums almost anyone would share the official source.

That's a little different, though. In this case it is the original author in question posting a blog post, not asking a question or getting an answer.

IRJ

@scottalanmiller said in Scam Of The Week: The Evil Airline Phishing Attack:

@IRJ said in Scam Of The Week: The Evil Airline Phishing Attack:

@scottalanmiller said in Scam Of The Week: The Evil Airline Phishing Attack:

I get that the person in question might already know one blog and not another. My point was that if they did, they likely didn't need a link and if they didn't, the security perception is a risk because it's not a good one.

I visit KB4 frequently. This post does not have the right tags attached to it as I mentioned earlier so it wasn't showing up where you would normally find the articles.

Ah, I see. What tag do you expect? Just the "knowbe4" tag?

It wasn't tagged properly on the KB4 site. It doesnt show up under scam of the week

https://blog.knowbe4.com/topic/scam-of-the-week

https://blog.knowbe4.com/scam-of-the-week-the-evil-airline-phishing-attack

scottalanmiller

@IRJ said in Scam Of The Week: The Evil Airline Phishing Attack:

@scottalanmiller said in Scam Of The Week: The Evil Airline Phishing Attack:

@IRJ said in Scam Of The Week: The Evil Airline Phishing Attack:

@scottalanmiller said in Scam Of The Week: The Evil Airline Phishing Attack:

I get that the person in question might already know one blog and not another. My point was that if they did, they likely didn't need a link and if they didn't, the security perception is a risk because it's not a good one.

I visit KB4 frequently. This post does not have the right tags attached to it as I mentioned earlier so it wasn't showing up where you would normally find the articles.

Ah, I see. What tag do you expect? Just the "knowbe4" tag?

It wasn't tagged properly on the KB4 site. It doesnt show up under scam of the week

https://blog.knowbe4.com/topic/scam-of-the-week

https://blog.knowbe4.com/scam-of-the-week-the-evil-airline-phishing-attack

OH!! That makes way more sense then.