Super interesting. I've been getting increasingly intense phishing stuff related to citi bank credentials (my account was hacked verify my credentials on shady citi site) as well as AT&T bill being paid (collect my prize for paying my bill).
They haven't managed to hijack an actual sender though, and their domain names still look slightly shady because they're things like citi01.
They AT&T one is html wrapped so I can't even click the link without seeing what it is (and don't want to because maybe there is some exploit that launches an app that does something? Am I too paranoid?)
Don't click on the link itself from any device that has personal data, but I wonder if there's any exploits/cybersecurity fellow out here who'd like to check the link to see what it has.
They haven't managed to hijack an actual sender though, and their domain names still look slightly shady because they're things like citi01.
They AT&T one is html wrapped so I can't even click the link without seeing what it is (and don't want to because maybe there is some exploit that launches an app that does something? Am I too paranoid?)