@moderation
I recently got a phishing attempt to the email address I have here on Codeberg. I only use it on Codeberg and GitHub, and based on what I know, it seems plausible that someone harvested it from here. I have it visible exclusively to signed-in users (at least that's how it should be) for legitimate use - namely for using it to grab my public GPG key off a keyserver. However, this means that someone must have signed up on Codeberg for the express purpose of phishing, which surely violates the TOS.
Here's what I know:
- Impersonation of what appears to be a German domain registrar
- Entire email is in German - clearly targeting German nationals
- The confirmation link goes to an obviously different site (I didn't open it of course)
- All the other links appear valid (again, I'm not testing it)
This is both a warning to users, to be careful out there, but also wondering if there's any specific thing Codeberg can do or if there's any private channel I can and/or should send the email's details to for potential action, such as banning the user (if they in fact used the same email here). Should I also notify the registrar or anyone else?
Given my account is highly secured and my email is visible to signed-in users, I don't think a data breach is likely but I thought I should make this event known anyways.