Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Abuse in phishing mail #40154

Open
Baerbeisser opened this issue Sep 21, 2024 · 2 comments
Open

Abuse in phishing mail #40154

Baerbeisser opened this issue Sep 21, 2024 · 2 comments

Comments

@Baerbeisser
Copy link

Welp, pretty sure this is wrong here, but i found no other place to report abuse.
I got E-Mail phishing containing this URL: https://bnt-nwjseqi-bxctt.cdn.ampproject.org/c/23.0134.0324.0205#cl!d=0_pt!l=1501!m=71!o=11501!d=91829_pd
Where should one report this?
@powerivq powerivq transferred this issue from ampproject/cdn-configuration Sep 23, 2024
@erwinmombay
Copy link
Member

@Baerbeisser heya do you mind explaining the scenario more?

my understanding:
you got an email that contained a link that had a phishing link using an AMP Cache URL?

is that correct?

@Baerbeisser
Copy link
Author

Baerbeisser commented Sep 24, 2024
edited
Loading

Yes, exactly. This was the content (stripped), obviously low-effort phishing.

MIME-Version: 1.0
From: TCS <v.l6.27.3.340+3wz5xN39ll@gmail.com>
Date: Fri, 20 Sep 2024 19:44:25 +0200
Subject: Car emergency kit Uberraschung

 tcs belohnungen

sie wurden ausgew=C3=A4hlt, um teilzunehmen, um ihre zu erhalten: car emerg=
ency kit!


jetzt loslegen!
<https://bnt-nwjseqi-bxctt.cdn.ampproject.org/c/23.0134.0324.0205#cl!d=3D0_=
pt!l=3D1501!m=3D71!o=3D11501!d=3D91829_pd>
.
click here
<https://vci-zhgsqqr-mlnya.cdn.ampproject.org/c/23.0134.0324.0205#un!d=3D0_=
pt!l=3D1501!m=3D71!o=3D11501!d=3D91829_pd>
to unsubscribe
<some mime image>
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D "ltr">
   <div dir=3D "ltr">
      <center>
         <h1 style=3D "color:red;font-size:36px">tcs belohnungen</h1>
         <p style=3D "color:black;font-size:36px">sie wurden ausgew=C3=A4hlt, um = teilzunehmen, um ihre zu erhalten: car emergency kit!</p><br>
         <br>
         <a style=3D "background-color:red;padding:25px 16px;text-decoration:none=
         ;color:#fff;font-size:20px;font-weight:bold;border-radius:20px;display:inli=
         ne-block;min-width:300px;margin-top:40px;margin-bottom:10px" href=3D "https:=
         //bnt-nwjseqi-bxctt.cdn.ampproject.org/c/23.0134.0324.0205#cl!d=3D0_pt!l=3D=
         1501!m=3D71!o=3D11501!d=3D91829_pd">jetzt loslegen!</a>
         <div style=3D "line-height:300px">
            .
         </div>
         click <a href=3D "https://vci-zhgsqqr-mlnya.cdn.ampproject.org/c/2=
         3.0134.0324.0205#un!d=3D0_pt!l=3D1501!m=3D71!o=3D11501!d=3D91829_pd">here</=
         a> to unsubscribe
      </center>
   </div>
   <div style=3D"font-size:3px">
      <some mime image>
   </div>
</div>

edit: new ones:
https://cmc-hxaebuu-ncgnw.cdn.ampproject.org/c/23.0134.0324.0205#oop!d=0_pt!l=1501!m=71!o=11501!d=91852_pd
https://ohs-eneoehn-ykxau.cdn.ampproject.org/c/23.0134.0324.0205#oop!d=0_pt!l=1501!m=70!o=11429!d=91845_pd
https://bpl-iucgcfv-gvtda.cdn.ampproject.org/c/23.0134.0324.0205#cl!d=0_pt!l=1501!m=70!o=11485!d=91841_pd
https://xnk-bhuogth-kahob.cdn.ampproject.org/c/23.0134.0324.0205#cl!d=0_pt!l=1501!m=70!o=9419!d=91848_pd <- this one for Galaxus, a local online wholesale chain.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@erwinmombay @Baerbeisser