With the increase popularity of the linux desktop and the steamdeck, will new viruses and malwares be developed for linux systems? should we better use an antivirus?

  • cokane_88@lemmy.fmhy.ml
    link
    fedilink
    arrow-up
    12
    ·
    1 year ago

    Nope… Raw dawg that shit online.

    I wonder how people get phished on IG and FB. Like the get account taken over and blackmailed over a social media account… That shit baffles me. I’m pretty sure I know how they get phished but I’m just shocked it happens to smart people.

    • BaumGeist
      link
      fedilink
      arrow-up
      8
      ·
      edit-2
      1 year ago

      Smart people are not immune to moments of panic or laziness or cockiness. I don’t know about you, but I don’t always check email headers even tho that’s the closest to best way to verify the identity of the sender. And if that link verifiably goes to a website I trust, and I was expecting them to reach out, and I just have to login to check my orders and… wait, why does the url have a “redir=” parameter? Oh fuck oh god oh fuck why does the login page say “amzaon.com” instead of “amazon.com” like in the email’s link??? FUCK DAMMIT SHIT

      • russjr08@outpost.zeuslink.net
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        And if that link verifiably goes to a website I trust, and I was expecting them to reach out, and I just have to login to check my orders and… wait, why does the url have a “redir=” parameter? Oh fuck oh god oh fuck why does the login page say “amzaon.com” instead of “amazon.com” like in the email’s link??? FUCK DAMMIT SHIT

        This is definitely a situation where having a password manager with auto-filling is nice. When you save your login for amazon.com it ties it to the URL as well. So if you end up going to amzaon.com by any means and don’t manage to catch it, your password manager won’t fill in your details because it doesn’t recognize the domain.

        Of course, this won’t stop you from say, using one of the “Login with Google/Apple/Amazon/etc” buttons on some dodgy website, and granting it access to your account (because you’d be redirected to google.com / apple.com / amazon.com) but it’s at least an layer of “Wait, something isn’t right here” when the auto-fill doesn’t trigger.

        • BaumGeist
          link
          fedilink
          arrow-up
          4
          ·
          1 year ago

          Password managers are an absolute must-have in this day and age. That and MFA. And making as few accounts as humanly possible.

          But, the more general concepts I’m trying to get at are that pobody’s nerfect, you don’t know what you don’t know you don’t know, and we’re all just apes prone to lapses in judgment at innoportune times.

          • russjr08@outpost.zeuslink.net
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            you don’t know what you don’t know you don’t know, and we’re all just apes prone to lapses in judgment at innoportune times.

            Oh for sure, I 100% agree! My reply was more of an educational “Hey, in case you’ve run into this before, this is a great way to prevent it from occurring again” sort of deal. No one is born with all-encompassing knowledge of the world and everything/anything they could ever interact with, and subsequently no one should be faulted for running into something like phishing scams where they’re designed to exploit someone’s potential lack of knowledge or even as you mentioned, a lapse in judgment.

            I normally am good about avoiding phishing scams but almost fell victim to one because a close trusted friend of mine had their account compromised, and sent a link to something on Steam that seemed in line with what they’d normally bring up with me - and it was exactly the fact that my password manager didn’t prompt me to fill in my Steam login details on that fake page that prevented me from trying to login.

            (Well that and I do have Steam Guard/MFA enabled, but still)