Checked MX records, this domain is via Cloudflare.
What are the steps to reproduce the issue?
Someone set up a throwaway account @oletters.com, can’t see how to access that or report issues of it being used for hacking. They’ve used it to break into someone’s Facebook account by fooling them into sending a security code.
Thanks. I’ve done that, so will see if they come back with anything.
It isn’t a website problem as such, but they’ve used the throwaway domain to setup an email address that is on CloudFlares servers, or at least proxied by them.
You will only probably only hear back if anything needs clarifying. As Cloudflare doesn’t offer mailboxes, only mail forwarding, it may be the report will be forwarded to the mail provider behind (which is what happens with proxies for web sites).
Hey, any luck in getting this sorted. I am one of those fools who got duped into sharing a code, now my account is fully hijacked, all passwords, emails and devices changed and 2FA added so am totally locked out. Literally all I have to go is the email address they set up to attach to the profile which is [email protected]
Very conscious of vulnerable people who may be duped by something from my account