Phish/criminal behavior?

fveaux · December 28, 2023, 3:03am

I’m receiving scores of text messages advertising fake USPS sites, fake XFinity phish sites, and computer virus droppers. Every single one of the URLs is a fly.io URL. I notify fly.io security, and three months later the phish URLs are still active, and I just get a generic reply, “We have notified our customer.”

Is fly.io so desperate for business they permit malware and phish sites, or is their abuse team asleep at the switch? This is quite astonishing behavior.

Some examples:

http://zveeyou.com/7Xy1E8G8
FakeAV malware

http://mirumbf.com/KJeQ09Vp
FakeAV malware

http://qjkwmww.com/yng4eExR
Fake USPS phish

http://wnddwet.com/KJe40qm5
FakeAV malware

http://pdxftwt.com/ER39R0rR
XFinity phish

http://plefaas.com/rNzdEAEW
FakeAV malware

http://oitbaon.com/A3B6vBOe
FakeAV malware

system · January 4, 2024, 3:03am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Demo site got flagged for phishing	5	514	October 27, 2020
Trojan found in fly directory Questions / Help	0	404	December 14, 2022
Your user is currently restricted to one organization. Questions / Help	1	292	May 1, 2023
Using Fly for adult websites	7	2142	September 10, 2023
Unreasonable Fraud Detection Questions / Help	2	538	March 6, 2023

Phish/criminal behavior?

Related topics