Hacker News new | ask | show | jobs
by jaggirs 309 days ago
In your example, the user is logging in to BAD.com, thinking it is GOOD.com.

In the OP's example, the user is logging in to BAD.com intentionally, but his GOOD.com account is still hacked into.

This is a lot harder for the user to catch on to.
1 comments
account42 309 days ago
Specifically, that OP describes sounds like a plausible log-in-with-big-tech-company flow that is really common these days.
link