Re: Spammers Using storage[.]googleapis[.]com ?!!?

[Jeffrey Walton <noloader () gmail com>]

On Tue, Aug 3, 2021 at 1:35 PM Nick Boyce <nick.boyce () gmail com> wrote:
> I notice that among the spam in my Gmail spam folder, there are a
> number of "address-check" type messages (i.e. that just seek
> confirmation my address exists), which attempt to get their response
> by performing a scripted redirect via a web property belonging to
> Google ...... and I tend to think "Huh? ... Surely Google wouldn't let
> that happen ... is this redirect something that by some chance they
> don't know about ?".
>
> Every link in the spam has the following HREF:
>
> https://storage[.]googleapis[.]com/medya00/redirectDOM80.html#[long-alphanum-string-that-presumably-identifies-me]
> ...
> FWIW, people complain that Amazon AWS is also abused in the same way.
>
> [No, I haven't bothered to let Google know directly - all of my
> attempts to let them know about other minor issues with their services
> have just resulted in a deafening silence - but I will try if folks
> think I should.]

That's nothing compared to Sharepoint and sharepointonline.com. I get
10 to 20 pieces of offensive emails daily from Microsoft's cesspool.
All using those useless redirects under the guise of "sharing a
document" with me and offering me sex.

Microsoft has more garbage spewing from their web properties than
Amazon, Google, IBM, Salesforce and Rackspace combined (based on my
experience).

sharepointonline.com is the crack neighborhood of the virtual world.
Microsoft is a slumlord...

Jeff

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/