Asklemmy

49124 readers

548 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

Open-ended question
Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
Not ad nauseam inducing: please make sure it is a question that would be new to most members
An actual topic of discussion

Looking for support?

Looking for a community?

Lemmyverse: community search
sub.rehab: maps old subreddits to fediverse options, marks official as such
!lemmy411@lemmy.ca: a community for finding communities

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 6 years ago

MODERATORS

What's the dumbest scam you've ever seen? (lemmy.ml)

submitted 1 day ago by Merlu@lemmy.ml to c/asklemmy@lemmy.ml

20 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] HiddenLayer555@lemmy.ml 7 points 1 day ago* (last edited 1 day ago) (1 children)

Dumbest AND most genius: Fake captchas that get the user to press windows+R, then control+C, then enter.

Dumbest because if you paid attention to what's being pasted, it's usually a call to power shell with an arbitrary script, and it's being pasted into your OS's run box which is basically like a console.

But also genius because there are tons of people that fall for it, and it's a social engineering masterpiece.

John Hammond with more: https://www.youtube.com/watch?v=lSa_wHW1pgQ

This really highlights two systemic issues: tons of people don't know what they're doing with computers and don't know basic security concepts like don't run an arbitrary script from an untrusted website, and we should probably do something about that. Which brings me to the second point that Windows is pretty ass for making it this easy. Why can you run an encoded power shell script from your run box, and why would you make bypassing the execution policy as easy as a flag in the command you're invoking? I can't imagine those have a lot of legitimate uses and aren't just being abused by criminals.

[–] toynbee@lemmy.world 3 points 19 hours ago

That guy doesn't look like the dinosaur guy. Not yet, anyway.