bitpopulous / community_reviews

Reviews, modification and functional requests, issued by Populous community.

Suggested Features - three layers of security to reduce Phishing website exploits #461

Open PopulousMarkHarrison opened 6 years ago

PopulousMarkHarrison commented 6 years ago

Which Site (Platform or Website): PPT or PXT sites

ReporterName: Randy Vice Date/Time: 05/03/18

Reduced Phishing success rates:

All direct emails from Populous (PPT and maybe PXT) will have three additional layers of security.

First layer will be that all emails will be sent with a unique (but fairly short) hash that is also sent via SMS for confirmation. This will always fill up the top of any direct email so end users will always be expecting to see this confirmation hash with instructions to look for SMS confirmation of the same hash string plus an 8-digit PIN.

Second layer, just below the first layer, is a confirmation button that, with the SMS 8-digit PIN and use of 2FA, will show a required uploaded image of the ID used for KYC. This step is not required for the user to initiate, but it's there if they so choose to confirm this is a legit Populous email.

Third layer is an annoying bold statement never to log in to any actual account from any email issued by Populous, as Populous will never issue an email with such links. If you see a Populous email with such links, delete the email as it's a phishing scam.

Nothing is perfect, but I feel the above will cut down on PPT users getting phished.
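
A sketch of the first layer proposed above (one short hash shown in both the email and the SMS, plus an 8-digit PIN), added here as an example and not part of the original issue or any Populous code. The server key, message ID format, 10-character code length and all function names are assumptions; the 2FA step of the second layer is left out.

```python
import hashlib
import hmac
import secrets

# Assumption: a secret held only by the sending service (constructed demo value).
SERVER_KEY = b"constructed-demo-key-not-for-production"

def confirmation_hash(key: bytes, message_id: str, recipient: str, length: int = 10) -> str:
    """Short per-email code: truncated HMAC-SHA256 over message ID and recipient."""
    data = f"{message_id}\x00{recipient}".encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()[:length].upper()

def new_pin() -> str:
    """Random 8-digit PIN (zero padded) from the OS CSPRNG."""
    return f"{secrets.randbelow(10**8):08d}"

def build_messages(key: bytes, message_id: str, recipient: str) -> dict:
    """Produce the email banner and the SMS text carrying the same code."""
    code, pin = confirmation_hash(key, message_id, recipient), new_pin()
    return {
        "code": code,
        "pin": pin,
        "email_banner": f"Confirmation hash: {code} (must match the hash in your SMS)",
        "sms": f"Email confirmation hash: {code} PIN: {pin}",
    }

def codes_match(a: str, b: str) -> bool:
    """Case-insensitive, constant-time comparison; bytes avoid errors on non-ASCII input."""
    return hmac.compare_digest(a.strip().upper().encode(), b.strip().upper().encode())

def server_verify(key, message_id, recipient, presented_code, presented_pin, stored_pin) -> bool:
    """Check run when the confirmation button is used: recompute the code, compare code and PIN."""
    expected = confirmation_hash(key, message_id, recipient)
    pin_ok = hmac.compare_digest(presented_pin.encode(), stored_pin.encode())
    return codes_match(presented_code, expected) and pin_ok

if __name__ == "__main__":
    # Constructed sample values.
    msgs = build_messages(SERVER_KEY, "msg-0001", "user@example.com")
    print(msgs["email_banner"])
    print(msgs["sms"])
    print("genuine:", server_verify(SERVER_KEY, "msg-0001", "user@example.com",
                                    msgs["code"], msgs["pin"], msgs["pin"]))
    print("forged: ", server_verify(SERVER_KEY, "msg-0001", "user@example.com",
                                    "ZZZZZZZZZZ", msgs["pin"], msgs["pin"]))
```

A matching code tells the recipient only that the email and the SMS came from the same sender, so the check is as strong as the SMS channel itself.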