Operation Kingphish: Uncovering a Campaign of Cyber Attacks against Civil Society in Qatar and…

I was a victim of a very similar scheme.

In Oct. 2016, my work email was compromised, which briefly allowed intruders to access the Doha News web host and Twitter account before I managed to get back control — changing passwords and enabling two-factor authentication everywhere.

Although I don’t have any email records of a “Safeena Malik”, I did get an enormous amount of phishing requests starting in May 2016, including Hangout requests from people I knew, false alerts saying someone had logged into one of my accounts — and the one that most likely got me, someone connecting with me on LinkedIn and then asking me about collaborating on an article.

He sent me a Google Doc, and when I clicked on it, it would ask me to login to my Google account before giving me access to the document. Notably, it went to https://myuser.info/omar, which was skinned to look like my account, with my email and profile photo.

One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.