Re: Hackers are using your website http://validator.w3.org/

Try entering a web address rather than an email address.

Further - really?
(though, at least titi.com does load an iframe, with redirected contents
- too many cookies & javascript-only .... it still smells phishy to me)

On 22/11/2020 00:30, Romain C wrote:
> Hello,
>
> I am living in France, and I would like to report a phishing attempt I
> got from people using your portal as a trust tool.
>
>
> Here is the summary:
>
> - A hacker calls me on the phone and tells me my computer is hacked.
> To prove this, he asks me to type: "validator" in Google
>
> https://www.google.com/search?hl=en&q=validator
>
> which leads to your website :
>
> image.png
>
> Then he asks me to type my email address in the field.
>
> example :
>
> image.png
>
>
> And then to click the check button.
>
> With any Gmail address, your web page returns a weird error page :
>
> https://validator.w3.org/nu//accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/&ss=1&scc=1&ltmpl=default&ltmplcache=2&emr=1&osid=1#
>
> image.png
>
>
> Then the caller tells me that if I see an error page my computer is hacked.
>
>
> As I'm working in a web agency company and aware of your website, I
> followed the steps.
> But at that point, I said I will call the police, and the hacker quit
> the phone call.
>
> I imagine he would have tried to make me pay something or lead me to
> download some sort of virus.
>
>
>
> What concerns me is that I think your website should better handle the
> error case of an email address put in that field, as is the case for
> toto@titi.com:
>
> https://validator.w3.org/nu/?doc=http%3A%2F%2Ftoto%40titi.com%2F
>
>
>
> Best Regards,
> Romain.

--
Ian Stuart.
Perl & Python developer,
EDINA,
The University of Edinburgh.
🚙
http://edina.ac.uk/
The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336.

Received on Friday, 27 November 2020 07:05:31 UTC