Phishing campaign impersonates Y Combinator using GitHub issue notifications
github.comDiscussed (and dealt with) here: https://news.ycombinator.com/item?id=45352610
(Multiple domains are being used.)
Yup, just got it in my email. At first I was intrigued, then I read the part where they say the application requires a refundable deposit for verification
> Next step: To confirm your preliminary registration and secure eligibility, please verify your wallet through Y Combinator. This step ensures fairness, safeguards against Sybil attacks, and does not require personal information. The process takes less than a minute: simply connect your wallet and sign a verification message.
> Important: A refundable deposit is required for authorization. The full amount will be returned once verification is complete
Also got this about an hour ago. I had previously applied to YC so thought it was about that, then saw
Important:
A refundable deposit is required for authorization.
At the bottom of each issue is a huge amount of whitespace, then they've stuffed it with a bunch of @'s to notify users.
https://i.imgur.com/LRotRlS.png
The link goes to a typo-squatted domain using an "l" instead of an "i".
Such phishing attacks using Github seem common these days.