Print

Print

Clicking a link to a bogus PDF would have the same effect as clicking the PDF itself, i.e. the goal is to get you to what's made up to look like a login page for Googledocs or whatever, but actually steals your login details.  So although it's true that blocking PDFs would stop this particular hack it's not a general solution.  To be absolutely sure you would also have to block all WP documents, as well as _any_ link in an email.

It's not clear why the scammer in this case even bothered sending a PDF, he could equally well just have sent a link.  Maybe he thought seeing an actual PDF would lend it some authenticity (though for me it just rings alarm bells).

Sadly, as with all 'social engineering' scams, the only real solution is user education, but unfortunately there's no easy fix for human gullibility!

Cheers

-- Ian


On 13 December 2016 at 13:50, Jon Agirre <[log in to unmask]> wrote:
Better. 

Article requests can always be dealt with off list, unless they're open access, in which case providing a link would be a better option for publishers, authors and uninterested recipients. 

I think it's a win-win scenario. 

On 13 December 2016 at 13:35, Paul Emsley <[log in to unmask]> wrote:
Would this mailing list be better or worse if mails with pdfs were blocked?



--
Dr Jon Agirre
York Structural Biology Laboratory / Department of Chemistry
University of York, Heslington, YO10 5DD, York, England
http://www.york.ac.uk/chemistry/research/ysbl/people/staff/jagirre/
+44 (0) 1904 32 8270