Three of my friends got hacked this week.
You get an ecard and click. It asks you to log in to your email.
Boom, done. It hacks your email account, steals all of your contacts and then sends itself to the whole address book. And while they’re at it, they could be scraping and misusing all sorts of data.
The first lesson is that you should only log in to your gmail or other email accounts directly, not if you’ve followed a link.
The second is that you really should get a password manager. Many are free or cheap. Some are easy to use.
Mostly, alas, we need to remind ourselves that just because it looks familiar (on the screen! on the internet! in a card!) we can stop paying attention. Especially if an AI said it, or it came to us unasked.
The internet lets ideas spread at scale. It also gives a few bad folks the leverage to cause a lot of havoc.
(And part of the problem lies with Google–they intentionally crowded out the peer-to-peer open net, but haven’t done enough to stop spam or scams.)
Look both ways before crossing.
