Not a deep one this week, just a funny story about something that happened to me on Tuesday, July 17. It’ll unfortunately be a short one; one that should probably be turned into a youtube short talking about it, but moving pictures scare me.
I will be redacting the screenshots to not reveal the name of the chat, organization, and people involved.
So I was slacking off with my cat on Tuesday, not paying attention to my phone; and I check my phone and find a Signal invite for a group chat. I had missed the invite by an hour or two, so I didn’t see it before the admin of the chat had retracted it, having noticed they invited the wrong person. Unfortunately the retraction avoided it being as funny as it could have been.
I reached out to the vendor first via phone (ugh), but thankfully hit a voicemail inbox instead of a human, dodging needing to speak to someone on the phone. I then sent a Contact Us email to provide the full details and ask if they could confirm for me that it was accidental, and it wasn’t a campaign impersonating them – which would have made it less funny and more sucky for said vendor.
What happened?
The vendor was great (as they always are), got back to me in a short period of time, congratulated me on nearly being Hegseth’d, confirming it was accidental and the admin fat-fingered selecting me instead of an employee of a similar name. Thankfully making i ta funny exchange, rather than a threat they would have had to deal with (a campaign impersonating them wouldn’t have been great).
As previously mentioned, it was revoked before I had managed to accept it, which would have been the funniest thing. “Hey guys, do you have the scoping document for the upcoming exercise? I also haven’t received my Dradis creds.”
Neither the vendor (and person who sent the invite) nor I am completely sure why they had my contact info; my theory is we perhaps scoped a quote for my previous employer when I was fielding quotes for a project, and I had actually had a call with the person in the past. My personal cell was in my work signature, so it may have come from there. A great coincidence though.
Takeaways
There are a couple of takeaways that come from this funny series of events. I’m really glad it was me that got caught in the crossfire of the Signal invite:
- This vendor has disappearing messages on an internal group chat around red team exercises? Uhhhh audit trail/legal discovery? That sure is a call.
- Accidentally inviting people to a chat can happen to anyone; and we must always strive to be clean on opsec, be careful before hitting send.