- A jetlagged Troy Hunt accidentally clicked a link and logged into an account only to realise he had been phished.
- Despite reacting quickly, attackers were able to export a mailing list for Hunt’s personal blog.
- Hunt has detailed the attack and warned his subscribers in a timely fashion.
Don’t password managers verify the domain name before offering credentials?
Does that mean he doesn’t use a password manager?
Edit: RIP, now that’s a proper phishing. I understand where he’s coming from