-
Hey, @teemuylhaisi, the warning messages about phishing from @OP_Ryhma could be improved a bit don't you agree? First, "Check certificate"? For what? I don't think we can expect people to be able to tell a valid TLS cert from a LetsEncrypt one?
-
"Do not give any information to fraudsters" - Well... If I knew it was a fraudster theI wouldn't be giving information would I? How do I know it's a fraudster?
-
Always "check the address". Same as #1. Check for what? Why not tell them to check for op.fi? Could it be common thing that @OP_Ryhma sometimes uses 3rd party services (hosted on another domain) for valid services? I know at least pohjola.fi is used
-
And in an attempt to be constructive, here is my quick attempt at a rewrite. 1. Don't mention certificate, nobody knows what that is 2. Remove the truism 2. Always use op.fi so people can check that 3. Give people permission to always call if unsure
-
The longer version on the website is better, but still room for similar improvements. I'll leave that as an exercise for the reader though. op.fi/-/huijaustekstiviesteja-ja-sahkoposteja-op-n-nimissa
-
Following up on this, @Saastopankki just did a much better version. Good clear examples, stating what a correct url looks like and also a lot of example of actual phish/spam so people can recognise it when they get it. saastopankki.fi/fi-fi/saastopankkiryhma/saastopankkikeskus/saastopankkiliitto/ajankohtaista/tietoturvapaallikon-vinkit-turvalliseen-asiointiin
-
Not sure if @VesaPyyluoma is on twitter anymore or if it's the right Vesa. But if it is, good job!