
Ask HN: Who is sending “notification” phishing emails? - herodotus
Who is sending the &quot;notification&quot; phishing emails? Who gave them the toolkit? Every day I get a few of these, supposedly from LinkedIn, Fedex, Apple and so on. Their pitch changes a little over time, but I notice the same grammatical and typographical errors in batches. I have done some reversing - they all have similar simple JS redirects. Sometimes the final destination is just a commercial website. Other times the destination is harder to discover, because the remote script is somewhat smart (seems to at least check the client type of the get request). Who is sending these, and where did they get the obviously widely shared toolkit?
======
jrowley
I haven't received anything like this, so maybe you are being targeted?

