Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: Would you hijack phishing websites via your public API?
1 point by throwawayxs on April 18, 2015 | hide | past | favorite | 1 comment
I run a public API that returns results in, among other formats, JSONP.

Some phishing websites started using it some years ago, and ever since I noticed them, I've been really tempted to hijack their victims JSONP calls and redirect them to an anti-fraud website or provide some similar warnings.

Obviously, this could backfire on me and hurt my reputation.

Should I forget about this, and just keep doing what I've been doing; reporting them to their hosting providers?




This post got caught by a spam filter. We monitor those and unkill the legit ones, but don't always get there in time. You're welcome to repost it. We've marked your account legit so the filter won't apply.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: