gnyman's avatargnyman's Twitter Archive—№ 876

  1. Not very convincing mass phish still bypasses google spam and most anti virus. I assumed @Google had all the pieces it needs to flag this or take down this (semi)-automatically but still up 12-hours later after I reported it.
    oh my god twitter doesn’t include alt text from images in their APIoh my god twitter doesn’t include alt text from images in their APIoh my god twitter doesn’t include alt text from images in their APIoh my god twitter doesn’t include alt text from images in their API
    gnyman's avatar Mood -3 🙁
    1. …in reply to @gnyman
      I find it fascinating how Google can build Zanzibar but not flag this. To me it seems like it would be easy scoring 1. Does the gmail account generally mail me (or anyone?) links? No 2. Does the linked doc contain a link? Yes 3. Malicious link (maybe a VT lookup) ? -> Somewhat
      Permalink gnyman's avatar Mood +6 🙂
      1. …in reply to @gnyman
        4. Was it reported by the admin of a paying GSuite account as malicious? -> Yes I would have thought this would be enough to flag it, as "likely malicious" and display some kind of warning? Easy for me in hindsight, but we need to do better on this don't you think @mrisher ?
        Permalink gnyman's avatar Mood +3 🙂