Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/jerry/statuses/113514860927739264">Merry Jerry 🎄🎅🕎⛄️❄️ (jerry@infosec.exchange)'s status on Wednesday, 20-Nov-2024 21:45:42 JST</a><a href="https://infosec.exchange/@jerry" title="jerry@infosec.exchange"><img src="https://gnusocial.jp/avatar/5390-48-20231031011407.webp" width="48" height="48" alt="Merry Jerry 🎄🎅🕎⛄️❄️" style="position: absolute; left: 0; top: 0;">Merry Jerry 🎄🎅🕎⛄️❄️</a></section><article><p>I’ve been getting a number of phishing emails purporting to be from Hetzner saying my payment into needs to be updated. It’s interesting excuse they targeting email addresses that are plausibly associated with my various fediverse service domains.  The from addresses are nonsensical, and the link to login Hetzner are easy give away that it’s a scam. </p><p>Anyhow, please be on alert if you use Hetzner. I am guessing the play here is to steal your Hetzner login credentials, and (probably) payment information. Hetzner does have an alert in their portal about phishing attacks purporting to be from them so I think they are aware, though I found the targeting to be a bit novel. </p><p>Stay safe out there.</p><p>EDIT: I meant to add that if you have not already done so, you should turn on two factor authentication. I know it’s a pain, but it can partially mitigate the effects of accidentally falling for a phish like this, among many other attack tactics.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4035080#notice-7884902">In conversation</a><time datetime="2024-11-20T21:45:42+09:00" title="Wednesday, 20-Nov-2024 21:45:42 JST">about 2 days ago</time> <span>from <span><a href="https://infosec.exchange/@jerry/113514860927739264" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@jerry/113514860927739264">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Merry Jerry 🎄🎅🕎⛄️❄️ (jerry@infosec.exchange)'s status on Wednesday, 20-Nov-2024 21:45:42 JST Merry Jerry 🎄🎅🕎⛄️❄️
I’ve been getting a number of phishing emails purporting to be from Hetzner saying my payment into needs to be updated. It’s interesting excuse they targeting email addresses that are plausibly associated with my various fediverse service domains. The from addresses are nonsensical, and the link to login Hetzner are easy give away that it’s a scam.
Anyhow, please be on alert if you use Hetzner. I am guessing the play here is to steal your Hetzner login credentials, and (probably) payment information. Hetzner does have an alert in their portal about phishing attacks purporting to be from them so I think they are aware, though I found the targeting to be a bit novel.
Stay safe out there.
EDIT: I meant to add that if you have not already done so, you should turn on two factor authentication. I know it’s a pain, but it can partially mitigate the effects of accidentally falling for a phish like this, among many other attack tactics.
In conversationabout 2 days ago from infosec.exchangepermalink

Public

Embed Notice

HTML Code

Corresponding Notice