undefined | Better HN

0 pointsjrodom6y ago0 comments

If this is a recent occurrence, I'd be happy to have our application security team take a look. To be clear, there hasn't been any kind of breach, but our customers are often targeted in phishing schemes that results in the disclosure of account credentials. We're continually adapting our defenses, but this is responsible for the majority of credential leaks.

0 comments

duskwuff6y ago

There's one really easy step you could take that would make a huge dent in those phishing schemes:

Detect and block phishing emails that are forwarded through your service. Right now, I get several messages forwarded per day from "Sam at Mailgun" (actually a variety of external senders) trying to get me to log in to review various (nonexistent) problems with my account.

j / k navigate · click thread line to collapse

0 pointsjrodom6y ago0 comments

0 comments

duskwuff6y ago

There's one really easy step you could take that would make a huge dent in those phishing schemes:

j / k navigate · click thread line to collapse