@georgieboy Given what mobile browsers are doing to the visibility of web page URLs plus how many 'you must authenticate' web services we have, I basically assume that a lot of our users can be phished by anyone who tries hard enough.
(Some spammers are starting to work that hard, but they're not doing phish spam, they're doing the 'please can you do me a favour' manual spam.)
@cks Yeah, we see a lot of finphishing too, but for that they're definitely reading our org charts, whereas the undergrad targeted stuff is spray-n-pray kind of garbage.
@georgieboy Our latest finphishing cloned someone's signature block, too, which shows some reasonably decent advance scouting. I was a bit alarmed by that; with some more work they could have made it very hard to tell in typical mail clients.
@cks Yeah, we’ve seen that one occasionally too.
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!