Fake OpenAI / Anthropic / Vertex AI / AWS Bedrock API key leak lure — "your API key was exposed in a public GitHub repo, rotate immediately or incur charges" targeting developers with paid AI API keys; key + billing-dashboard harvest enables $10K-$100K+ rapid drain at high-end model rates + billing-email rotation to hide usage alerts
fake-ai-api-key-leak-lure
What this tier means
High-confidence threat indicator — phishing, impersonation, BEC, or scam pattern. Strong contributor to the trash decision.
How Gorganizer detects this
Fake "your OpenAI / Anthropic / Google Cloud Vertex AI / AWS Bedrock API key has been exposed in a public GitHub repository — your key is being used for attacker workloads, rotate immediately" email targeting developers who hold paid AI API keys. The attack shape differs from `fake-chatgpt-plus-subscription-renewal-lure` (consumer Plus subscribers): this lure targets developers with pay-as-you-go production API keys tied to credit cards, where the economics of a compromise are far more severe.
After compromise, attackers:
(1) run workloads on the victim's API key until the organization hits its rate or spend limit ($10K-$100K+ in hours at high-end model rates);
(2) exfiltrate the full billing dashboard history and the linked payment card;
(3) rotate the billing email to an attacker-controlled address so the victim doesn't see usage-alert notifications;
(4) if the key has write access to uploaded training data or custom models, exfiltrate proprietary fine-tune data and prompts.
The lure converts because developers do routinely commit API keys to public repositories by accident: GitHub publishes real weekly secret-scanning statistics showing thousands of keys exposed per week. The "rotate now or incur charges" urgency is exactly how OpenAI and Anthropic's real secret-scanner alerts are phrased, so the phish structurally mimics genuine notifications.
Fires when the body references OpenAI API / Anthropic API / Claude API / Google Cloud Vertex AI / AWS Bedrock / Azure OpenAI / platform.openai / console.anthropic AND contains key-exposed-leaked-compromised / public GitHub repo / rotate immediately / unauthorized-usage / billing drain urgency. Excludes openai.com, platform.openai.com, anthropic.com, console.anthropic.com, google.com, cloud.google.com, amazon.com, amazonaws.com, github.com, githubmail.com, microsoft.com, azure.com. Auto-classified as danger via the `-lure` suffix.
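The firing condition described above, sketched as an added example; this is not Gorganizer's own code. The regexes are assumed approximations of the listed terms, and the exclusion list is assumed to apply to the domain of an already-authenticated From address, matched on a label boundary so look-alike hosts are not excluded.

```python
import re

# Assumed patterns approximating the terms the rule lists; the product's
# real patterns are not shown on this page.
PLATFORM = re.compile(
    r"openai api|anthropic api|claude api|vertex ai|aws bedrock|azure openai"
    r"|platform\.openai|console\.anthropic", re.I)
URGENCY = re.compile(
    r"\bkey\b.{0,60}\b(exposed|leaked|compromised)\b|public github repo"
    r"|rotate (immediately|now)|unauthori[sz]ed usage|incur charges",
    re.I | re.S)

# Domains the page lists as excluded (assumed here to mean sender domains).
EXCLUDED = set("""openai.com platform.openai.com anthropic.com
console.anthropic.com google.com cloud.google.com amazon.com amazonaws.com
github.com githubmail.com microsoft.com azure.com""".split())

def sender_domain(from_header):
    """Domain of the address in the last <...> of a From header, so an
    address placed in the display name is ignored."""
    m = re.search(r"@([A-Za-z0-9.-]+)", from_header.rsplit("<", 1)[-1])
    return m.group(1).lower().rstrip(".") if m else ""

def is_excluded(domain):
    """Exact or subdomain match only: 'openai.com.key-rotation.example'
    contains 'openai.com' but is not an excluded domain."""
    return any(domain == d or domain.endswith("." + d) for d in EXCLUDED)

def fires(from_header, body):
    """True when a non-excluded sender's body has BOTH term groups."""
    if is_excluded(sender_domain(from_header)):
        return False
    return bool(PLATFORM.search(body) and URGENCY.search(body))

# Constructed sample messages (From header, body); not real mail.
SAMPLES = [
    ("OpenAI Security <alerts@openai.com.key-rotation.example>",
     "Your OpenAI API key was exposed in a public GitHub repo. "
     "Rotate immediately or incur charges."),
    ("GitHub <noreply@github.com>",
     "We found an Anthropic API key exposed in a public GitHub repo."),
    ("Dev Weekly <news@devweekly.example>",
     "This week: getting started with the Claude API and AWS Bedrock."),
]

if __name__ == "__main__":
    for frm, body in SAMPLES:
        print(fires(frm, body), frm)
```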
False-positive guard
Every signal in Gorganizer feeds a multi-module score — never a sole verdict. This is a threat-tier signal — it adds a strong contribution to the trash score. The full pipeline still requires convergence across multiple modules + a margin over the safety floor before deletion happens, and Gmail's trash (30-day recovery) is always used — never permanent delete.
About the scoring engine
Gorganizer's scoring engine emits over 1,800 signals across six modules — headers, sender, subject, body, attachments, and structural metadata. Every email is scored by every module independently; the final verdict requires multiple modules to agree and the trash score to beat the safety floor by a margin.
Sacred safety guards — never delete starred emails, replies, calendar invites, receipts/invoices, or attachments — apply unconditionally regardless of any signal.