"The way these things work is that they act like they're the real login form, st... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

mrvenkman on Aug 13, 2020 | parent | context | favorite | on: Stopping phishing campaigns with Bash

"The way these things work is that they act like they're the real login form, steal your credentials and usually send you off to the real bank so you think you made a typo or something."

If that's the case then surely you're also flooding the bank's real site with GET requests after the redirection.

Cthulhu_ on Aug 13, 2020 | [–]

From cURL the author can ignore the redirect to the bank's real site though.

__s on Aug 13, 2020 | [–]

Bash doesn't have to follow the redirect

Even if, I'm sure the bank appreciates someone working against phishing. A few GET requests is something they're meant to handle. They have to be resistant to DDoS attempts from malevolent actors

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact