Re: Phishing emails #suggestion


Marv Waschke
 

I think a notice like this is a good idea. I've seen "security by obscurity" fail too many times. The size some groups.io groups is an opportunity for a clever phishing exploit. However, Bruce raises a good point: groups.io does solicit.clicks on email links legitimately and therefore the wording of the notice has to provide users some clues on how to identify legitimate notices.

I suggest something like this:
Groups.io sends email messages asking you to confirm or reinstate your Groups.io account by clicking a link in response to events such as inadvertently classifying groups.io messages as spam. Good cyber-hygiene is to avoid clicking on links in email if you are not certain that the link is legitimate. Most browsers and email tools will display the link url in the lower left-hand corner. A good practice is to examine the url. If it is not from groups.io, don't click on the link. It could be a phishing attempt.

Best, Marv

Join docs@beta.groups.io to automatically receive all group messages.