As much as I support the privacy of contributors I do feel like this is necessary to raise the bar for these types of social engineering attacks.
However that would've likely done little to impede this attack if it is backed by organized crime or by a state as is being speculated. It is trivially easy for those types of actors to simply use a stolen identity or create an entirely plausible one out of thin air.
It is trivially easy for those types of actors to simply use a stolen identity or create an entirely plausible one out of thin air.
Can you provide a historical example of when something like that has happened?
It sounds like hyperbole to say that it is 'easy' (even for a state) to impersonate a real-life identity or create one for a professional developer with a multi-year work history.
However that would've likely done little to impede this attack if it is backed by organized crime or by a state as is being speculated. It is trivially easy for those types of actors to simply use a stolen identity or create an entirely plausible one out of thin air.
reply