I've seen a recent surge in phishing attempts that post a markdown phishing message as an Issue in order to trigger GitHub to (legitimately) send an email that looks like a security warning to all repo followers.For example: https://github.com/aojibril, https://github.com/transporindo, https://github.com/kirukatodrag