GitHub Community
Observations of Phishing Notifications #190612
Replies: 3 comments 2 replies
-
|
The scale of the attack might have something to do with it. It was thousands of accounts, repositories, and discussions. |
Beta Was this translation helpful? Give feedback.
-
|
This is the same wave of phishing attacks that many users received recently. I actually dealt with this exact same situation — my senior got the same email, same fake CVE format, same Google Drive link, and was completely panicked thinking his account was compromised. |
Beta Was this translation helpful? Give feedback.
-
|
I ran into a rate-limiting screen on GitHub earlier that day, which led me to consider whether this might be part of a combined attack. |
Beta Was this translation helpful? Give feedback.
-
|
Another scam going on right now https://github.com/search?q=%22Invitation+from+uniswap%22&type=discussions&s=date_created&o=desc&p=1 |
Beta Was this translation helpful? Give feedback.
-
|
Quote: "Hello, |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Discussion Type
Question
Discussion Content
I recently received an email containing a GitHub mention directed to me. The subject and content of this notification appear to be part of a phishing attempt [PillarAttorney73/VSRelease-60058] Visual Studio Code - High-Risk Security Issue - Emergency Action Alert (Discussion #5)] from User "PluginUpdate-98626", and the defanged link hxxp://share.google/...
Could you clarify why this phishing mention was delivered to me? Was this due to a timing or filtering issue that allowed a malicious notification to bypass GitHub’s usual anti-spam and phishing protections?
Beta Was this translation helpful? Give feedback.
All reactions