Beware of the glthubs.com phishing attacks. I nearly fell for this one.
The only thing that saved my bacon is that I should already be logged in! Then I noticed the funny-looking domain name.
@lordalveric Relying on a password manager that checks domains (eg. the one built into your browser) is a good first step to protect against this sort of thing.
@ssokolow Yep. That's part of what saved my bacon. The browser did not recognize the site, so it didn't fill it in.
Not sure what they expect to gain from cracking my github site, because most things there are already visible to the public anyway. And the stuff that isn't would not be of too much value to them.
@lordalveric Possibly selling access to your projects to aspiring malware peddlers or hoping to gain access to other sites with a "Login with GitHub" option.
@lordalveric As long as you don't tell them your SMS number.
The reason so many sites are trying to cajole or even force people to add their SMS number is so they can use it as an ad-targeting identifier that's harder to change or have multiple of than e-mail addresses.
@lordalveric Yeah. I run a stack of the MVPS HOSTS file, Firefox's built-in tracker blocker, privacy.resistFingerprinting=true, CanvasBlocker, Cookie AutoDelete, Decentraleyes, HTTPS Everywhere, Privacy Badger, Random User-Agent, uBlock Origin, and uMatrix, with the latter two made stricter than default... and, that's just my day-to-day browsing.
When I'm doing private stuff and not logging into the site anyway, I use Tor Browser instead of "New Private Window".
@ssokolow Hahaha! I actually have multiple SMS numbers! :)
I rarely give that out, and grow annoyed with how many places that insists on having it.
In these days of aggregation of data, you do NOT want to make that much easier to track you.
Nearly every website you visit has tracker scripts embedded in the pages, as well as ad scripts. Sybu script blocker to the rescue! (there is a similar plugin that works with FireFox)