Home | Notifications | New Note | Local | Federated | Search | Logout
Reply to @Edent@mastodon.social Terence Eden@Edent@mastodon.social (2026-06-10 04:49:56) "Huh! I must be signed out of my Google account. Better log in."Reply
That's what the scammer wants you to think.
This is a pretty good spoof page! The UI looks about right and there are no obvious typos.
Even the domain isn't egregious. It isn't a .xyz domain or some super-weird domain name. True, it isn't Google - but it also isn't a random jumble of letters.
Let's type in our email address, just for fun!
2/4 ---Attachments--- image: https://files.mastodon.social/media_attachments/files/116/721/872/338/339/311/original/ea5268dd5e267f32.png
---Reply--- Terence Eden@Edent@mastodon.social (2026-06-10 04:53:04) This is where we get to Game Over. If you add your password here, it'll jump into your account and do who-knows-what.
Two-Factor Authentication won't save you here. If you type in your magic code the scammer will just relay that.
If you click the "OK" button on your Google device, you've authorised an imposter.
A password manager will probably save you - it won't auto-fill on a dodgy domain. But will you think the app is faulty and just manually copy your credentials?
3/4 ---Attachments--- image: https://files.mastodon.social/media_attachments/files/116/721/884/135/345/378/original/609595ff451224b2.png
---Replies---
Terence Eden@Edent@mastodon.social (2026-06-10 04:58:21) If you are about to reply saying that you're too smart to fall for this - you're wrong.
One day you will be tired. Or ill. Or hungover. Or grieving. Or drunk. Or in hospital. Or distracted. Or jetlagged.
You are not an extra-special clever boy who is far too wise - unlike those normal people - and could never be conned like this.
Everyone is vulnerable. Yes, even you one day.
I don't blame Cal.com for letting this through. But it's hard to see how to comprehensively stop scams like this.