Spearphishing and 2-factor authentication

The spear phishers have stepped up their attack on me (and probably you). Of late I am seeing a much larger number of emails like the pictured one.

Here they have figured out my email (not overly complex). They have spoofed an email as coming from github (not that complex). They have then claimed I am trying to recover my password, and, given me a link (sso-github.com) to recover.

So my best defence is to recognise this, and ignore it. My second defence comes in my DNS (mine is provided by quad9,, but, you may wish to try the new CIRA setup for consumers). So my DNS won’t resolve this.

My 3rd line of defence, of course, is my 2-factor authentication. This means that a password alone is insufficient to get my account, you need to come find my YubiKey.

Is 3 lines of defence enough for everything? No. Is it enough for most? Yes. Defence in depth. This is where normally I would tell a hilarious joke about a pair of joggers and a bear. But, I’ll save that for another day.






Leave a Reply

Your email address will not be published. Required fields are marked *