It's an interesting attack angle. Has anyone here seen any user fall for
anything similar? I want to say no one would fall for that but
experience tells me I should never underestimate what an end user will
fall prey to.
On 2022-11-10 13:22, MRob via mailop wrote:
Recent I saw a link in a spam which wanted to phish credential:
https://translate.google.com/translate?sl=auto&tl=en&hl=en&u=ipfs.io/ipfs/<longstring>/index.html?submit=<user>@<mydomain>&client=webapp
Google translate shows a live page the user can input data into so
effectively google is hosting the payload for the spammer? (indirect
over anon IPFS network)
See for yourself:
https://translate.google.com/translate?sl=auto&tl=en&hl=en&u=duckduckgo.com
https://translate.google.com/translate?sl=auto&tl=en&hl=en&u=spammers.dontlike.us/mailman/listinfo/
Now you can click on the "List" link, see that it allows to browse the
mailman website using google domain translate.goog
So spammer and phisher can host website on sketchy server but freely
use Google for best possible reputation for web hosting and for putting
link into spam email and successfully avoid URIBL type checks.
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
