Eight is Enough: Eight Reasons This Substack “Compromised Firmware” Post Sounded Like A Hack

Last night I saw a Substack post from one of my subscriptions, but I immediately distrusted the post.

The post was purportedly from Kathy Kristof from SideHusl.com. Now Kristof herself is legitimate, and her SideHusl website evaluates…well, side hustles.

But this message didn’t sound like Kathy, and my spidey sense was aroused.

First part of scam post.
Second part of scam post.

Let me count the ways.

  1. “We.” Normally if an entity suffers a breach, the entity uses its name.
  2. “Your device”…“the firmware level.” Substack posts can be viewed on a variety of devices. So this supposed breach affected all of them?
  3. “If you are receiving this email.” While Substack subscribers can receive emails of posts, they also appear on the Substack website. I happened to be on the Substack website when I saw the post. I was not reading an email.
  4. “Take immediate action…by updating your firmware.” The typical scam sense of urgency, coupled with a nonsensical request (see 2).
  5. “The FBI has been notified.” Such a report should probably go to a different agency.
  6. “support@trezor.io.” Trezor is a legitimate company that secures crypto assets…which has nothing to do with SideHusl or Substack. And by the way…
  7. “Substack” (not). In the same way that the post does not explicitly mention SideHusl, it doesn’t explicitly mention Substack either.
  8. “Access Dashboard button.” The reader is asked to click this button, supposedly to update their firmware (see 2).

My immediate reaction?

“I ain’t clicking that Access Dashboard button.”

My note restacking the scam post.

And:

“Suspicious message, purportedly from Kathy Kristof at Sidehusl.com, asking you to click a button.

“No way.”

Independent note with screenshots of the original scam post.

Be careful out there.
