-
-
[原创] 一封针对github账户的钓鱼邮件
-
发表于: 2022-3-16 07:43
-
一封针对github账户的钓鱼邮件
收到这样的邮件:
1 2 3 4 5 6 7 8 | Review your account activityOn march 15, 2022 at 22:15(UTC) a file bas been uploadedin your repository from "api.github.com".On an unknown device please click on the link below to check the activity."https://github.com/settings/devices/" |
"https://github.com/settings/devices/"的实际链接为:
"hxxp://url9810.tokocrypto.com/ls/click?upn=aLmEghmoxRJP-2F680gaYmGnaCKiHYPtgaMPpLS3eteh9DEzN3TiDW2-2FozNNXOXsUAUgBxEHXvhuQ0qWJ2-2Ferhe-2FwK3oxFdoh0mNIBhBxb5nkq3ajArS-2F4v2uxZBfX7oiwsZmD_MWkiMUukSVoYZZJbzhZnNhWyM8rrhohULmwNQb9PbLpqJV9qAYMyV2ufYwSLIyhv2szuZm8NrWAFv-2BqJWvMdbrbUvAdtB85JaUbzl4b1cPjRT5xCgV2OgcjEmOHalTRt9SyIFkIIIKQMY-2BkpswSRVE69VKlJC1oIWq60qweQuP-2BYJrQ7fq-2Fzj1fWY7hXp-2FmoCV6z31DK1waVxvVXZ1ZQeA-3D-3D"
访问网址,跳转到:
hxxps://dev-api-reposit.net/?utm_source=email&utm_medium=newsletter&utm_campaign=waves
火狐会有诈骗提示:
继续访问如下:
输入一些东西之后:
估计邮箱是从github收集的,怪不得很长一段时间,一直收到国外的诈骗邮件,原来是在github泄露的
2022/3/16
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
|
|
|---|---|
