|
|
|
|
|
|
by Thorrez
2545 days ago
|
|
|
But someone could register the github account newsycombinator and then serve an identical phishing page at newsycombinator.github.io . I guess you're right that it's useful for takedown resistance in phishing attacks. It's useless for small, sophisticated, targeted phishing attacks, but for large blunt untargeted phishing attacks it could be useful to have a site that would be difficult to take down and censor. But I do consider phishing different than XSS. |
|
|