5
kurtr
7y

The latest scam someone that works with me fell for - I hope I just prevented the rest of my company from falling for (will know tomorrow). Firstly we use fucking imap, secondly how the fuck did you email me to tell me I can't receive emails???

Still pretty well executed.

Comments
  • 0
    Any one interested in some real world pen testing on site that wont report you (check for shared hosts - someone else will) feel free to fuck with the link that was in the mail...

    [http://] securitycheckupdateaccount.dropbd.com/config/settings-2.php?email= [insert fake email address]
  • 0
    Ahh come on. He spelt server wrong and his email address is noreply@demon.com. How do you fall for that. On a side note. You can report that demon.com domain to its registra (grab from a whois lookup). I have had a few scam sites shutdown like that
  • 1
    @InterferenceObj
    It could be spoofed, No SPF or dmarc present.
  • 0
Add Comment