|
|
|
|
|
|
by kba
2216 days ago
|
|
|
Nobody is demanding you do. But if you go around claimng people "got phished", then you should be sure. I've also entered fake credentials into a clearly faked login form to see what'd happen. Would it redirect me to the right site? Just claim the information was wrong? Send me to a mock up of the intranet I was trying to access? You can call it bad policy if you want (although you don't know about my precautions), but it doesn't mean I was phished. |
|
|
1. Someone receives and reads the email sent to this email address.
2. That person is willing to enter data into a form.
This is 2 pieces of information the person didn’t have before, and it can be used in further phishing attempts in a variety of ways.
It doesn’t mean you were fooled, but that’s only half the story.