software has really degraded from fortune 500 companies ever since ai. upgraded to the new antigravity and it completely nuked my settings and buffer files.
Agent runtimes get better when screenshots, DOM, network traces, files, and delegated work are inspectable data worlds instead of hidden magic. The hard part is proving every action changed the world you meant to change.
Got a legit-looking @RobinhoodApp email today. Haven’t touched the account in years.
Downloaded the raw .eml and checked headers.
SPF ✅
DKIM ✅
DMARC ✅
It was actually sent from Robinhood’s infrastructure.
But the body had a phishing payload injected into it.
The top half of the email was normal:
“Your recent login to Robinhood”
Then inside the HTML, mid-content, it suddenly injected:
“UNRECOGNIZED ACTIVITY — Case #RH-6801”
with a “Review Activity” button.
That button did NOT go to https://t.co/RXJ61bMFI5.
It went to:
https://t.co/QUvswTCtYV → redirect → https://t.co/WgAT6EyaNc
Classic cloaking.
This is what makes it dangerous:
This isn’t a spoof.
This isn’t a random phishing email.
It passed all authentication checks and came from a real sender.
What likely happened:
Some part of the email pipeline (template / dynamic field / notification system) got abused and allowed HTML injection.
So attackers piggybacked on a legit email.
Why this matters:
Most advice says “check the sender”.
That doesn’t work here.
Everything looked legit at the header level.
What to do instead:
Never click email buttons for anything financial
Always go directly to the app or type the URL manually
Treat urgency + “case numbers” as a red flag
Inspect link destinations (not just the visible text)
If something feels off, it probably is
What I did:
I downloaded the .eml file and sent it to an AI to analyze
Logged in manually
Changed password
Rotated 2FA
Checked devices + account changes
If you use Robinhood (or any fintech), assume this technique will get reused.
Real emails can still be weaponized.
Stay sharp.
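The check recommended in the thread above ("Inspect link destinations"), as an added example that is not part of the original post: it reads a raw .eml, records the SPF/DKIM/DMARC verdicts, and lists every link whose host is not under the From domain. The sample message, its `.example` domains, and the names `analyze_eml` and `LinkCollector` are constructed for illustration; the domain comparison is a plain suffix match and only looks at the first hop of a link, not at later redirects.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message; every domain here is a placeholder.
SAMPLE_EML = """\
From: Brokerage <notifications@brokerage.example>
Subject: Your recent login
Authentication-Results: mx.mail.example; spf=pass smtp.mailfrom=brokerage.example;
 dkim=pass header.d=brokerage.example; dmarc=pass header.from=brokerage.example
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><p>Your recent login</p>
<a href="https://brokerage.example/devices">Manage devices</a>
<p>UNRECOGNIZED ACTIVITY</p>
<a href="https://short.example/x1">Review Activity</a>
</body></html>
"""

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def analyze_eml(raw):
    # Passing auth says who sent the message, not that every link is the sender's.
    msg = message_from_string(raw, policy=policy.default)
    domain = parseaddr(str(msg["From"]))[1].rpartition("@")[2].lower()
    auth_hdr = str(msg.get("Authentication-Results", "")).lower()
    auth = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth_hdr))
    body = msg.get_body(preferencelist=("html",))
    collector = LinkCollector()
    collector.feed(body.get_content() if body else "")
    links = [(text, (urlsplit(href).hostname or "").lower()) for href, text in collector.links]
    off = [(t, h) for t, h in links if h != domain and not h.endswith("." + domain)]
    return {"sender_domain": domain, "auth": auth, "off_domain_links": off}
```

On the constructed sample all three checks read `pass` while the "Review Activity" link is still reported as off-domain, which is the situation the thread describes.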
@slattxbt @RobinhoodApp same, also i get calls everyday now from services asking for my 2fa :/ mostly from apple. i can imagine how they prey on the elderly