We are seeing a phishing attempt that appears to be originating on workers.dev on the following URI:
dart-topup.paulobrien.workers.dev/security
Im sorry i dont really know what workers.dev is, what it does or how it works. How do i get this taken down? Is this something that is actually hosted by Cloudflare?
I have raised an abuse ticket with cloudflare but havent had any sort of response at all.
Frank
I’m surprised this didn’t happen earlier to be honest (it probably does, just isn’t openly published).
A “worker” works almost just like any server does, so there’s really no limit to what they can do.
So phishing and scams will probably occur more as workers gain popularity… 
So this is techincally a form of hosting then?
Cloudflares abuse team are totally unresponsive on the matter, I havent even had a confirmation that they revieced my request.
Thats actually a cloudflare message which is a start, but they need to take it down.
@harris @zack Tagging a bit to get CF eyes on it.
@Boohe Oh it’s certainly hosting, you can make full websites if you wanted.
I was seeing on the phone, and missed it was Cloudflare.
Abuse reports can be filed via our abuse form here: Abuse approach - Cloudflare once reviewed the team will respond.
Logged it yesterday morning, havent had anything yet.
I reported something a while back and they took care of it.
day 3, and its still up.
Found another one and submitted to Cloudflare abuse production.microsoftpassword-update0009-hfhfhf-draspy-rice-57e5.s-hiestand.workers.dev - urlscan.io
Bumping this old thread because it’s a top result on Google for workers.dev abuse
There’s a soultion to all of this! Report the link via https://abuse.cloudflare.com/ This form is NOT to be used for abuse reports!!
