🐿️
11

That time I clicked a sketchy link on a coffee shop login page

Honestly, I was at a Starbucks in Austin last Tuesday trying to get some work done. I saw a pop-up asking me to verify my account with a quick login link, and I clicked it without thinking. Then my laptop slowed down for like 5 minutes and I realized it had loaded some weird script running in the background. I immediately unplugged from their WiFi, ran a full malware scan, and changed my passwords from my phone's hotspot. Has anyone else fallen for those fake login pop-ups at public spots?
2 comments

Log in to join the discussion

Log In
2 Comments
wade_young86
...and that is exactly why I never connect to public networks without my VPN turned on first. Clicking random login popups in coffee shops is basically handing your credentials to whoever set up that fake portal. I bet that script was trying to grab your browser cookies or session tokens too, not just slow your machine down.
10
ellis.diana
Oh man, this hits close to home. A coworker of mine fell for one of those fake login portals at a bookstore last year, and it was a nightmare sorting out all the compromised accounts afterward. You're totally right about the session token grabbing too, that's exactly what those scripts do. It's scary how easy it is to let your guard down when you're just trying to check your email real quick. Your mileage may vary, but I've started keeping my VPN on all the time, not just on public networks. Really appreciate you sharing this reminder, it's easy to get complacent until something bad actually happens.
1