from mastodon.social , almost as usual. Open registration instances allow this to happen time and again. I've resorted to informing targeted users that it is a malware/phishing/spam campaign and that they shouldn't interact with any of those posters nor the links they facilitate, they should report the user and block them. But we all know it's a matter of numbers, stealing less than 10 in 1000 people's data is enough profit for the spammers.

@jt_rebelo it’s a compromised user account from 2023, nothing to do with open registration.

@GossiTheDog I understand. But there are thousands of those and almost all I've seen come from mastodon.social, any leak or IT incident that could explain that (apart from the "same password used everywhere" point)? Thank you.
@hrbrmstr