Comment by theamk
Comment by theamk 8 hours ago
Do people really fall for scam like that?
First, I assume the author knows the email came from github, as the screenshot does not show this very clearly. If that's the case:
Red flag #1: email links to a variation of real domain. If you don't have information on who github-scanner.com is, it is pretty safe to assume it's a scam , just because it sounds like a real website.
GIANT Enormous Huge Red Flag #2: captcha asks you to types command in shell. I have no comment on how naive one must be to do this.
If this was within my first year of owning a GitHub account, I would absolutely fall for this.
It's not much different from setting up your ssh key - something that you have to do; and new users also go through this workflow by copy pasting commands that GitHub sends them.