tiny one use scripts to help pollute phishing databases. each script it named after the website that's hosting a phishing scam. read the source code and make sure to install the dependencies.

You're minding your own business and suddenly you get a txt message from a strange number. Huh, you decided to take a look and low and behold it's a message from your "cellular carrier":

FreeMsg: if you did not autorize any changes on your account please confirm your [CARRIER] account http://CARRIER.super-fishy-domain-name.info/index2.htm

Yes, autorize was actually spelled that way.

Well, you're feeling kind of adventurous and decided to check it out. Then it dawns on you, this website actually looks legit! You shed a single tear because you realize that the scammers are better at CSS than you. This website has the potential to fool plenty of people. As you poke around it becomes apparent that it's a classic phishing scam.

You should report the url and phone number to the carrier in question. Most carriers have an phishing/abuse section on their website. This should be done as soon as possible.

Pollution may be terrible for the earth but it's great for databases. The scammers are already in production and trying to take down a website permanently is fraught with legal issues. We can only assume that a number of people have already provided their real usernames and passwords. So, why not pollute their existing data as much as possible?

Fuck 'em. I didn't see a posted ToS on their site. And technically you are providing them with what they want: a username and password. It just happens to be fake.

• T-Mobile Phishing Reporting
• Sprint Reporting and Identity Scams
• Verizon Phishing Reporting Tool
• AT&T Text Message Scams