Search results for tag #scam
Possible Phishing 🎣
on: ⚠️hxxps[:]//instagram-uson[.]vercel[.]app
🧬 Analysis at: https://urldna.io/scan/69d8d8453b77500007c1cb23
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//mtcfiber[.]weebly[.]com/
🧬 Analysis at: https://urldna.io/scan/69d902903b775000096db02f
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxp[:]//amazon-clone-taupe-xi[.]vercel[.]app
🧬 Analysis at: https://urldna.io/scan/69d8d8523b775000096daa99
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//compra-shopee[.]vercel[.]app
🧬 Analysis at: https://urldna.io/scan/69d8a0073b775000096da354
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//westernuni0ninternationaltransactions[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69d899bb3b775000096da2b8
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//myvisionsfedcuonlineghvfcuindexphp[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69d8ae103b77500008af6520
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//093421tr[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69d883ef3b77500004a8ab4f
#cybersecurity #phishing #infosec #urldna #scam #infosec
From call scripts and scams to command and control—Southeast Asia’s scam centres are levelling up.
In our latest research with Chong Lua Dao, we track a sophisticated Android banking trojan directly to the K99 Triumph City scam compound in Sihanoukville, Cambodia, and the high-ranking political elites behind it.
Using a combination of technical analysis, infrastructure patterns, and operational visibility provided by former captives, we were able to map thousands of targeted lure and C2 domains used to distribute and administer the malware across Asia, Africa, Europe, and Latin America.
What we uncovered is a turnkey malware-as-a-service (MaaS) platform sold to scam-centre based criminal networks, including K99, enabling real-time surveillance, credential theft, biometric data exfiltration, and financial fraud on a global scale. Victims are funnelled through domains impersonating government services, financial institutions, e-commerce platforms and airlines, with new domains registered every month.
In addition to giving criminal operators complete control over infected devices, behind the malware sits a highly coordinated operation. Our investigation unpacks the whole thing, revealing multiple C2 panels organised by country and “customer” as well as the integration of AI-driven tools used to support attacks targeting victims in at least 21 countries and 15 languages.
What’s more, we have found that there is significant overlap with the infrastructure and business networks attributed to the DNS threat actors Vigorish Viper and Vault Viper, highlighting the continued evolution of the regional cyber threat landscape.
👉 Read the full report here: https://www.infoblox.com/blog/threat-intelligence/scams-slaves-and-malware-as-a-service-tracking-a-trojan-to-cambodias-scam-centers/
👉 We spoke to the Economist to explain how the scam centre threat is shifting: https://www.economist.com/interactive/asia/2026/04/10/scam-inc-has-a-new-weapon?fsrc=core-app-economist
#dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #malware #scam
Possible Phishing 🎣
on: ⚠️hxxps[:]//135461223[.]site/465/7717c2b3-2f3a-4816-a65c-39bf9267f74a/728738
🧬 Analysis at: https://urldna.io/scan/69d8d2043b775000060681d8
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//mailforapps[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69d78e913b775000092347c6
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//1vfcuonline[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69d772643b7750000923440b
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//ahmedsoumri[.]github[.]io/NETFLIX/
🧬 Analysis at: https://urldna.io/scan/69d7b8ac3b77500009234dec
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//shawsynre1[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69d75ca23b775000092340bc
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//amazon-clone-ochre-three[.]vercel[.]app/
🧬 Analysis at: https://urldna.io/scan/69d79ca43b77500009234a0b
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//roblox[.]com[.]ge/communities/5032828635/
🧬 Analysis at: https://urldna.io/scan/69d7b1173b77500009234ce1
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//ahmedsiddiqui1948-tech[.]github[.]io/Amazon-clone/
🧬 Analysis at: https://urldna.io/scan/69d7aab63b77500009234bf4
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//onlinestlouiscommunitycu[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69d780ab3b7750000923461f
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//docs[.]google[.]com/drawings/d/1kJUO4o5XHCN1aVRTQZ_pRyPXlJSl9uFTz-DvYua6FHA/edit
🧬 Analysis at: https://urldna.io/scan/69d7247a3b77500007bb89de
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//returnersres[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69d66d9d3b77500009b45269
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//robiox[.]com[.]af/users/2664643693/profile
🧬 Analysis at: https://urldna.io/scan/69d6a5bc3b77500009232b9a
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//btnewmailser[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69d689b33b77500009232760
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//att53[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69d659333b77500009b44f4c
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//btinternettttttbtjjjjjjj[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69d635563b77500006310fcb
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//concavewrioukhwri31i784265i-yuhjbn5tkej[.]webflow[.]io
🧬 Analysis at: https://urldna.io/scan/69d63cf43b775000033f0387
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//bbsancon[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69d546253b77500005d2f216
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxp[:]//netflix-clone-ruby-ten[.]vercel[.]app
🧬 Analysis at: https://urldna.io/scan/69d57e883b77500009b43531
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//owacredilityaccess19[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69d4a53f3b77500005d2da33
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//kapilananda[.]github[.]io/netflix-homepage-/
🧬 Analysis at: https://urldna.io/scan/69d4d5c53b77500005d2e16d
#cybersecurity #phishing #infosec #urldna #scam #infosec
The domain .cn name scam is still ongoing, one more entry added to https://nxdomain.no/~peter/domainnamescam/ (this time addressed to a list owner address).
Also see https://nxdomain.no/~peter/domain_name_scams_are_alive_and_well_thank_you.html #dns #scam #cndomains #chinadomainservice #domainnamescam #cybercrime
Possible Phishing 🎣
on: ⚠️hxxps[:]//mailnewupdateservice1[.]weebly[.]com/
🧬 Analysis at: https://urldna.io/scan/69d410d43b77500007ee3d22
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//daviviendaenli[.]webcindario[.]com
🧬 Analysis at: https://urldna.io/scan/69d3a0703b77500007ee2d63
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//amazon-clone-blue-ten[.]vercel[.]app
🧬 Analysis at: https://urldna.io/scan/69d3e04a3b77500007ee362b
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//martmay[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69d3a8133b77500007ee2e51
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//jjuhhhhhj[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69d3ae6a3b77500007ee2f2f
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxp[:]//adobe[.]authorised-support[.]com/login/CFf9aOkGWsy07i0s-EFU1vq3ThKYAREV3UkY=9CA==4VVBbVlFrWFtTXVo=/dfeyClRYnL-1gpHBCdJsrrxWw6mYBr3P/
🧬 Analysis at: https://urldna.io/scan/69d3d89e3b77500007ee34fd
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//fsb4me[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69d38c013b77500005aa805d
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//www[.]robiox[.]com[.]py/users/301352583815/profile
🧬 Analysis at: https://urldna.io/scan/69d3bc8b3b77500007ee3115
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//hmrghavfjkp[.]firebaseapp[.]com
🧬 Analysis at: https://urldna.io/scan/69d1ec693b775000064cecb0
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//uctacza[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69d1e60a3b77500005285a0a
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxp[:]//netflix-clone-beige-ten[.]vercel[.]app
🧬 Analysis at: https://urldna.io/scan/69d22c7f3b775000064cf2bb
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//netflix-clone-khaki-seven[.]vercel[.]app
🧬 Analysis at: https://urldna.io/scan/69d105213b7750000966c4b8
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxp[:]//amazon-clone-seven-sand[.]vercel[.]app
🧬 Analysis at: https://urldna.io/scan/69d105263b7750000966c4be
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxp[:]//netflix-clone-olive-mu[.]vercel[.]app
🧬 Analysis at: https://urldna.io/scan/69d105203b7750000966c4b6
#cybersecurity #phishing #infosec #urldna #scam #infosec
https://youtu.be/ucRTW4rgrbU?si=1CXNoAIw-ZZTxdXt
wtaf
I'm unsure how this fell into my feed, but dayum
Possible Phishing 🎣
on: ⚠️hxxps[:]//135461223[.]site/sv/470/0996794f-0756-4cd5-9dad-3a7948d3c799/710612/x
🧬 Analysis at: https://urldna.io/scan/69cfc8113b77500002d338ed
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//www[.]robiox[.]com[.]py/users/184819522643/profile
🧬 Analysis at: https://urldna.io/scan/69cfd61c3b77500002d33ad4
#cybersecurity #phishing #infosec #urldna #scam #infosec
RE: https://mas.to/@brianvastag/116337992229203151
What's it called when you falsely elevate a stock price to personallly profit?
What's it called when a group of companies or people join in together to do the same?
🤔
What's it called when a majority of the economy is wrapped up with this plan?
AodeRelay boostedGood news!
Data centers are being cancelled.
https://futurism.com/science-energy/data-centers-construction-supply
Possible Phishing 🎣
on: ⚠️hxxps[:]//officeserviceit[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69ce84773b77500007a3ea37
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//loginacstrasbourgfrdpprofileo0cauthorize1executione1z9e9[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69ce7e4a3b775000023e9212
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//t[.]co/5CdN87q1sC
🧬 Analysis at: https://urldna.io/scan/69ce0dca3b775000023e83f2
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//rvsharesecurity[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69ce7e223b775000023e91d4
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//inf-umw-edu[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69ce698e3b775000023e8f0f
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//ensparis-saclay-fr[.]weebly[.]com/
🧬 Analysis at: https://urldna.io/scan/69cde3813b77500009d6a8c8
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//academicsheets[.]weebly[.]com/
🧬 Analysis at: https://urldna.io/scan/69cdf17e3b775000023e8095
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//bit[.]ly/SetelSIg
🧬 Analysis at: https://urldna.io/scan/69ce37ef3b775000023e8953
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//michaelbattams11[.]wixsite[.]com/my-site-1
🧬 Analysis at: https://urldna.io/scan/69ce30353b775000023e87e5
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//bafybeigxo6j2qcjguovcon5c3yycehh7qxajgh6wsiih3btdomgpldkfxa[.]ipfs[.]dweb[.]link/
🧬 Analysis at: https://urldna.io/scan/69ce30233b775000023e87c2
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//docs[.]google[.]com/presentation/d/e/2PACX-1vRu7zPJneJthleTb63I4mxFYOLg720Y0CxGVrtUojrJ9g_VbO6LCQZwTOkgRJJnZ2EZ4cKgweUvdSte/pub?start=false&loop=false&delayms=3000
🧬 Analysis at: https://urldna.io/scan/69ce3e413b775000053388e6
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//statementupdatemailbox[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69cd64e03b775000080d9215
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//attvesie[.]weebly[.]com/
🧬 Analysis at: https://urldna.io/scan/69ccfabf3b775000080d8399
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//corcorangroup[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69cd56d23b775000080d8ffd
#cybersecurity #phishing #infosec #urldna #scam #infosec
New.
Group-IB: Hooking the Archipelago: Dissecting a Phishing Campaign Targeting Philippine Banking Users https://www.group-ib.com/blog/phisles-phishing-banks-philippines/
Any.Run: Major Cyber Attacks in March 2026: OAuth Phishing, SVG Smuggling, Magecart, and More https://any.run/cybersecurity-blog/major-cyber-attacks-march-2026/ @anyrun_app
Kaspersky: A laughing RAT: CrystalX combines spyware, stealer, and prankware features https://securelist.com/crystalx-rat-with-prankware-features/119283/
Halcyon: How One Letter Hid a Ransomware Army https://www.halcyon.ai/blog/how-one-letter-hid-a-ransomware-army-qilin #threatresearch #ransomware #infosec #phishing #scam #spyware #malware
Possible Phishing 🎣
on: ⚠️hxxps[:]//pdfonlineproductlcatalogue[.]weebly[.]com/
🧬 Analysis at: https://urldna.io/scan/69ccd0883b775000080d7e1c
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//t[.]co/8EIdy10gLR
🧬 Analysis at: https://urldna.io/scan/69ccc7803b775000080d7cea
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//zimbratrabajandomx1[.]weebly[.]com/
🧬 Analysis at: https://urldna.io/scan/69cbef9c3b77500007549c9b
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxp[:]//amazone-clone-lilac[.]vercel[.]app
🧬 Analysis at: https://urldna.io/scan/69cbdb213b7750000449ea05
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//docs[.]google[.]com/presentation/d/e/2PACX-1vSP5MWbZFTn5pvGylpIQJ-Dt6luWKxYiaBRnwFEdPiTN_PspjLqx1FB5gN8A4_xiaKn4WyQ8kB0a9VZ/pub?start=false&loop=false&delayms=3000&pli=1&slide=id[.]p
🧬 Analysis at: https://urldna.io/scan/69cd10a13b77500003bb0c57
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//savvh[.]weebly[.]com/
🧬 Analysis at: https://urldna.io/scan/69ccc7793b775000080d7cd5
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxp[:]//cnbasprologiusaa[.]godaddysites[.]com
🧬 Analysis at: https://urldna.io/scan/69ccdead3b775000080d7ff4
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//merenciano[.]net/serviciodecorreo/login/
🧬 Analysis at: https://urldna.io/scan/69cd02923b775000080d8485
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//www[.]roblox[.]com[.]kz/games/75992362647444/TOTEMS-Tap-Simulator?privateServerLinkCode=70866209249101970327377432676230
🧬 Analysis at: https://urldna.io/scan/69cbcd1f3b77500007549b54
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//escuelasuniversitariasgimbernat-eug[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69cb86c73b7750000449de60
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//protonnmail[.]weebly[.]com/
🧬 Analysis at: https://urldna.io/scan/69cbe96f3b7750000449ec2d
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//mrehanrizwan442[.]github[.]io/insta_login/
🧬 Analysis at: https://urldna.io/scan/69cbbf043b7750000269a191
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//locatel[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69cb86cd3b7750000449de68
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//iiyout[.]cn
🧬 Analysis at: https://urldna.io/scan/69ca57dd3b7750000834789c
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//guwpkqgd[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69ca65dc3b77500008347a07
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxp[:]//anandsr-dev[.]github[.]io/facebookclone/
🧬 Analysis at: https://urldna.io/scan/69ca272f3b77500008347271
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//hindujahospital-com[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69c9226b3b775000081b6074
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//bit[.]ly/3YTPNc4
🧬 Analysis at: https://urldna.io/scan/69c8f82f3b775000081b5c66
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxp[:]//martinosabri[.]github[.]io/netflix
🧬 Analysis at: https://urldna.io/scan/69c86ba53b7750000203a2f9
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//tongdaicuuho119[.]vn/wp-admin/network/[.]clone_hr1MUFcW/[.]clone_hr1MUFcW/trgg4tyu/mozart/email1[.]php
🧬 Analysis at: https://urldna.io/scan/69c85d923b7750000203a1f7
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//ulsan-national-institute-of-science-and-technology[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69c81f143b77500002039c8e
#cybersecurity #phishing #infosec #urldna #scam #infosec
A little concerned about this text. I don't recall ever sharing my phone number and sure as heck didn't sign up with anyone for the event I attended today.
Just a fishing scam playing the odds or should I be paranoid?
Note that the domain in the text is not .org which appears to be legit but .us which appears to be scammy.
Be careful who you share your information with.
#Boston #NoKings #Security #Scam
Alt...
screenshot of a text from 771 208 3071 which reads
You marched, now finish it! Sign the No Kings Act petition to stop Trump's power grab before it's too late. Add your name: forwardblue.us/l/vDCJZX
Possible Phishing 🎣
on: ⚠️hxxps[:]//mgamt[.]com/landing/form/bbeb1a00-ce9c-4a04-ae75-8ab967c7139f
🧬 Analysis at: https://urldna.io/scan/69c879a53b775000081b52a0
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//loginacstrasbourgfrdpprofileo1cauthorize1executione1x14[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69c833583b775000035a8f2f
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//nfnftwelcanorthwestelcalas[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69c833643b77500002039dff
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//www[.]robiox[.]com[.]py/users/138127799852/profile
🧬 Analysis at: https://urldna.io/scan/69c86bb23b77500005fd021d
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//shaw11update[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69c81f0f3b77500002039c7e
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//kmctartscalicut[.]org/wp-includes/widgets/moi[.]wellce/zkzywi=/ge3zgq=/dexmzi=
🧬 Analysis at: https://urldna.io/scan/69c857393b77500005fd01c6
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//fortezavog[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69c810d73b77500005fd0078
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//gmxdexxvz[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69c84fab3b77500005fd01ac
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//stu-ukznadministratorsupportupdate[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69c802cf3b77500002039a14
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//csemizuho[.]fr
🧬 Analysis at: https://urldna.io/scan/69c83b0e3b77500002039ebb
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//eebroadbandbtinternet[.]weebly[.]com/
🧬 Analysis at: https://urldna.io/scan/69c7bc7c3b77500005fcfed7
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//jardolitajarvis55[.]wixsite[.]com/bellsouth
🧬 Analysis at: https://urldna.io/scan/69c7c2e53b775000020394af
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//1919182[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69c825693b77500002039cf9
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//niffty[.]weebly[.]com/
🧬 Analysis at: https://urldna.io/scan/69c7c2e33b775000046bca4a
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//hm[.]ru/LyiWa5
🧬 Analysis at: https://urldna.io/scan/69c7e6df3b77500002039794
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//flamvido11[.]weebly[.]com/
🧬 Analysis at: https://urldna.io/scan/69c7d0e13b775000020395c6
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//gmx-hilfedienst111[.]weebly[.]com/
🧬 Analysis at: https://urldna.io/scan/69c78aaf3b77500003870a19
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//pub-44935a18ffd14c8d9a1c0c39e1e4fca4[.]r2[.]dev/index[.]html
🧬 Analysis at: https://urldna.io/scan/69c68d8a3b7750000426b9ca
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//mgamt[.]com/landing/form/cbfc9e66-dd60-4119-88e5-cdfd15b7038c
🧬 Analysis at: https://urldna.io/scan/69c61ce43b775000098e49ea
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxp[:]//homepage--btimart-bb-auth[.]webflow[.]io/
🧬 Analysis at: https://urldna.io/scan/69c61d063b7750000412d360
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//docs[.]google[.]com/presentation/d/e/2PACX-1vSCGHNyB1XM2uTSWPEbm0ebXCGpZjU_U7mLS7dOcL3zUbm6ho5jEVhS-KA9EBCOllMukX-BTz24UZ8U/pub?start=false&loop=true&delayms=3000
🧬 Analysis at: https://urldna.io/scan/69c65cde3b7750000426b39c
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//sweepstakeswinner[.]godaddysites[.]com
🧬 Analysis at: https://urldna.io/scan/69c5fa933b7750000412d025
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxp[:]//yungjuice777[.]github[.]io/Netflix-clone
🧬 Analysis at: https://urldna.io/scan/69c632d43b7750000412d5a6
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//csefcu[.]weebly[.]com/
🧬 Analysis at: https://urldna.io/scan/69c647453b7750000426b082
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//form[.]jotform[.]com/252075695944065
🧬 Analysis at: https://urldna.io/scan/69c558193b775000070c27c1
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//wemailacmontpellierfristatic0110nalldomainlayoutoginbrodcs[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69c38fdc3b7750000420ba17
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//webmaiips[.]weebly[.]com/
🧬 Analysis at: https://urldna.io/scan/69c551e63b775000070c26db
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//roblox[.]com[.]ge/communities/812440434/
🧬 Analysis at: https://urldna.io/scan/69c50b743b7750000605ccff
#cybersecurity #phishing #infosec #urldna #scam #infosec
Seeing FQDNs like "mtmoqiuq.20.218.142.124.static.hostiran[.]name" and "sgrwnbid.172-202-98-170.cloud-xip[.]com", we first thought some ASNs could be exploited similarly to the ".ARPA abuse" we described in one of our recent blogs. Turns out we were overthinking it... This kind of "DNS abuse" is so straight forward... We're not sure it qualifies as DNS abuse...
Here is what is going on: Whatever IP address you prepend to "static.hostiran[.]name" creates a hostname which resolves to this IP... That is it! Same goes for cloud-xip[.]com!
We've seen these kinds of hostnames a lot in SPAM emails recently, like the one we screenshot below which loads an image from a CDN as a giant hyperlink. We aren't sure why malicious SPAM actors bother to use this trick in their email links... If they control an IP, they can use it directly in URLs. They don't need a domain name!? And it isn't like this bypasses a firewall... If their IP is blocked, queries to those FQDNs will be too...
Our best guesses are that:
- Using hostnames rather than IPs helps them bypass SPAM email detection?
- And / or it enables them to create "subdomains", which they seem to be doing to track something, either SPAM campaigns, or their victims.
Technically, this could be used to create lookalike FQDNs. Those examples look like random subdomains, but literally anything can be prepended to the IP, so the only limit is your imagination! Not the most convincing lookalike by any means... but we've seen worse!
Here is an example of how this can be abused to both, load content from literally any IP, and create low quality lookalikes:
https://urlscan.io/result/019d1b3d-b94e-70f9-aae7-ecf5a02e3c89/
#dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #spam #scam
Alt...
SPAM email pretending to be from the company "Rate Kick" advertising cheap home insurance with a big red button saying "Save Now". Clicking anywhere on the email opens a new browser window with a unique URL using one of the host-names mentioned in the post.
Possible Phishing 🎣
on: ⚠️hxxps[:]//tbaytelserivcess[.]weebly[.]com/
🧬 Analysis at: https://urldna.io/scan/69c551dd3b7750000acf23f1
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//yaseenibnkhan[.]github[.]io/Amazon/
🧬 Analysis at: https://urldna.io/scan/69c511c23b7750000605cd44
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//ayush5683[.]github[.]io/insta/
🧬 Analysis at: https://urldna.io/scan/69c519933b775000070c1e15
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxp[:]//netflix-free[.]vercel[.]app/
🧬 Analysis at: https://urldna.io/scan/69c50b6e3b775000070c1b8a
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//www[.]robiox[.]com[.]ps/users/2292934203/profile
🧬 Analysis at: https://urldna.io/scan/69c519943b775000070c1e18
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//specialforcerush[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69c4fd5d3b775000070c1975
#cybersecurity #phishing #infosec #urldna #scam #infosec
Dear Spammers and Scammers over on Tumblr, I know exactly what you are trying to do when you start an unsoliticed message to me with "Hello, how are you doing". You are trying to get a conversation with me going.
Well, I am a neurodivergent person and I am not into small talk. So just tell my right away what you want (or offer), so that I can block you even faster. 😠
(Latest case was a guy who apparently is a paid beta reader. Not interested in that.)
Possible Phishing 🎣
on: ⚠️hxxps[:]//pub-8336b0583b8e4a85a04634b2a34885be[.]r2[.]dev/grgeon[.]html
🧬 Analysis at: https://urldna.io/scan/69c52df13b775000070c2132
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//ugaalpes[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69c36bd23b7750000420b65d
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing 🎣
on: ⚠️hxxps[:]//rediffmaiii[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69c25a673b7750000585ed7b
#cybersecurity #phishing #infosec #urldna #scam #infosec
Dios mio! While researching a particular type of Colombian folk music, we stumbled across a .edu domain selling... accordions? Our first thought was potentially domain hijacking, but it appears to be more likely an exploitation of CVE-2026-27210 (TLDR; cross-site scripting). While the vulnerability has been patched in the plugin itself, not all pages have updated their plugins, and search engines have already indexed the poisoned pages! Pivoting led to 50+ additional domains found spread across three risky TLDs: .sbs, .pics, and .shop. The domains on .sbs and .pics appear to be config servers to exploit the vulnerability; the domains on .shop are the landing pages where victims can be scammed.
IOCs:
000o[.]sbs,0pen[.]sbs,123buys[.]shop,123me[.]shop,1bg[.]pics,1ki[.]pics,1mage[.]sbs,1ql[.]pics,1ty[.]pics,1vi[.]pics,1wr[.]pics,2ty[.]pics,569oagri[.]shop,66buys[.]shop,6ip[.]pics,6ym[.]pics,7rt[.]pics,8pi[.]pics,99buys[.]shop,99i[.]pics,9gwe[.]shop,a25n[.]shop,bk2[.]pics,bk59t[.]shop,buysok[.]shop,c68k[.]shop,cc1[.]pics,doo[.]pics,ep7[.]pics,estore-1[.]com,g9gvv[.]sbs,gaer896[.]shop,gm5[.]pics,gosok[.]shop,gt3[.]pics,h66p[.]shop,hh6[.]pics,iilvw[.]sbs,im9[.]pics,img1[.]sbs,in6[.]pics,jj3[.]pics,kk9[.]pics,lilil[.]sbs,llvvw[.]sbs,m66p6[.]shop,mebuys[.]shop,mg6[.]pics,mh8f6k[.]shop,mkk[.]pics,ms1[.]pics,nn6[.]pics,onsgs[.]com,p6[.]pics,p888p[.]shop,pan1[.]top,pic1[.]sbs,pic2[.]sbs,pt11[.]sbs,py3y[.]com,qq1[.]pics,rey89p[.]shop,shop56[.]shop,t88t8[.]shop,tp1[.]pics,tp9[.]pics,trues[.]sbs,up9[.]pics,upimg[.]sbs,uu2[.]pics,vt5[.]pics,vteyu[.]shop,vvf1[.]sbs,vvp1[.]sbs,w2w[.]pics,w88p[.]shop,wp59q[.]shop,wvlll[.]sbs,wvv1[.]sbs,wvvvv[.]sbs,x2p[.]pics,xyaer548[.]shop,yi1[.]pics
#dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #scam #seo_poisoning #seopoisoning
Possible Phishing 🎣
on: ⚠️hxxps[:]//loginacstrasbourgfrdpprofileo1cauthorize1executione1e13[.]weebly[.]com
🧬 Analysis at: https://urldna.io/scan/69c276a03b775000086c2241
#cybersecurity #phishing #infosec #urldna #scam #infosec
🛡️ #Cybersecurity news & tips across the #fediverse 👇
“Possible Phishing 🎣
on: ⚠️hxxps[:]//www[.]robiox[.]com[.]py/users/493233288195/profile
🧬 Analysis at: https://urldna.io/scan/69c171c73b77500009ac14be
#cybersecurity #phishing #infosec #urldna #scam #infosec”
https://infosec.exchange/@urldna/116279791129107609
🤖 via RSS feed. Not an endorsement.