Comment by the__alchemist
4 months ago
The start of the article and comments thus far focus on the authenticator/Google account scam. I think a separate topic of note is taking a photo of the wallet recovery words [on an internet-connectable device]. This was, IMO, the primary mistake the user made. (And an easy one to make if you don't consider its consequences)
What I want to know is if the attackers knew that the photo was there, and if so, how. Or were they just planning to get into the victim's gmail and exploit whatever they found?