Recent I saw a link in a spam which wanted to phish credential:
https://translate.google.com/translate?sl=auto&tl=en&hl=en&u=ipfs.io/ipfs/<longstring>/index.html?submit=<user>@<mydomain>&client=webapp
Google translate shows a live page the user can input data into so
effectively google is hosting the payload for the spammer? (indirect
over anon IPFS network)
See for yourself:
https://translate.google.com/translate?sl=auto&tl=en&hl=en&u=duckduckgo.com
https://translate.google.com/translate?sl=auto&tl=en&hl=en&u=spammers.dontlike.us/mailman/listinfo/
Now you can click on the "List" link, see that it allows to browse the
mailman website using google domain translate.goog
So spammer and phisher can host website on sketchy server but freely use
Google for best possible reputation for web hosting and for putting link
into spam email and successfully avoid URIBL type checks.
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
