Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

If there was a link that said "Click here to view your messages", then yeah, I'd agree it would sound like a phishing attempt.

If it was an email saying, "You have a notification" and you have to manually log in to see it, then there's less chance of you clicking on a phishing attempt. Also, if there's any personal/private/sensitive information, this method makes it unavailable over email.

Just shooting from the hip. It could also just be laziness.



Yeah, that's why it looked so phishy.

Exact text:

"Dear Google Workspace Administrator,

You have an important notification from Google Operations that requires your attention.

Sincerely, The Google Operations Team"

And then there is a clickable link: "Go to Alert Center"

This is the first time I have EVER heard of the Alert Center. So, I also assumed it was made up.


You’re training users to click a “you have a notification” email that’s not easy to verify is legit.


You're training users to not click a link in an email, but rather log in from your homepage.


It has a big “click here” button - at least this email did.

Yea better is to tell them to go login and provide no links.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: