<p><span class="h-card" translate="no"><a href="https://hachyderm.io/@dalias" class="u-url mention">@<span>dalias</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@glyph" class="u-url mention">@<span>glyph</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@mcc" class="u-url mention">@<span>mcc</span></a></span> let's say you register on amazon.com, you save an entry, it's fine<br />now, because you are in the UK, you get amazon.co.uk. it uses the same login, so you pull up your password manager, and either copy the password, or manually add it to the allowlist<br />now, you get a phishing email with a link on amazom.co.uk. amazon has trained you to do this and you don't quite remember everything you've done, so you just do it again</p><p>2/2</p>
