Woker.dev phishing attempts

We are seeing a phishing attempt that appears to be originating on workers.dev on the following URI:

dart-topup.paulobrien.workers.dev/security

Im sorry i dont really know what workers.dev is, what it does or how it works. How do i get this taken down? Is this something that is actually hosted by Cloudflare?

I have raised an abuse ticket with cloudflare but havent had any sort of response at all.

Frank

1 Like

I’m surprised this didn’t happen earlier to be honest (it probably does, just isn’t openly published).

A “worker” works almost just like any server does, so there’s really no limit to what they can do.

So phishing and scams will probably occur more as workers gain popularity… :frowning:

So this is techincally a form of hosting then?

Cloudflares abuse team are totally unresponsive on the matter, I havent even had a confirmation that they revieced my request.

Google is already flagging for phishing.

Thats actually a cloudflare message which is a start, but they need to take it down.

@harris @zack Tagging a bit to get CF eyes on it.

@Boohe Oh it’s certainly hosting, you can make full websites if you wanted.

1 Like

I was seeing on the phone, and missed it was Cloudflare.

1 Like

Abuse reports can be filed via our abuse form here: https://www.cloudflare.com/abuse/ once reviewed the team will respond.

Logged it yesterday morning, havent had anything yet.

I reported something a while back and they took care of it.

day 3, and its still up.