-
-
[原创] 一封针对github账户的钓鱼邮件
-
发表于: 2022-3-16 07:43
-
一封针对github账户的钓鱼邮件
收到这样的邮件:
1 2 3 4 5 6 7 8 | Review your account activityOn march 15, 2022 at 22:15(UTC) a file bas been uploadedin your repository from "api.github.com".On an unknown device please click on the link below to check the activity."3ebK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6K6k6i4c8@1K9h3&6Y4M7#2)9J5c8X3c8W2N6X3W2U0k6i4y4Q4x3V1j5`." |
"8b7K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6K6k6i4c8@1K9h3&6Y4M7#2)9J5c8X3c8W2N6X3W2U0k6i4y4Q4x3V1j5`."的实际链接为:
"hxxp://url9810.tokocrypto.com/ls/click?upn=aLmEghmoxRJP-2F680gaYmGnaCKiHYPtgaMPpLS3eteh9DEzN3TiDW2-2FozNNXOXsUAUgBxEHXvhuQ0qWJ2-2Ferhe-2FwK3oxFdoh0mNIBhBxb5nkq3ajArS-2F4v2uxZBfX7oiwsZmD_MWkiMUukSVoYZZJbzhZnNhWyM8rrhohULmwNQb9PbLpqJV9qAYMyV2ufYwSLIyhv2szuZm8NrWAFv-2BqJWvMdbrbUvAdtB85JaUbzl4b1cPjRT5xCgV2OgcjEmOHalTRt9SyIFkIIIKQMY-2BkpswSRVE69VKlJC1oIWq60qweQuP-2BYJrQ7fq-2Fzj1fWY7hXp-2FmoCV6z31DK1waVxvVXZ1ZQeA-3D-3D"
访问网址,跳转到:
hxxps://dev-api-reposit.net/?utm_source=email&utm_medium=newsletter&utm_campaign=waves
火狐会有诈骗提示:
继续访问如下:
输入一些东西之后:
估计邮箱是从github收集的,怪不得很长一段时间,一直收到国外的诈骗邮件,原来是在github泄露的
2022/3/16
|
|
|---|---|
