2024-05-29 - Tech Support Scam - Phishing Capmapign Observation Alert

on

60 Phishing Websites for Tech Support Scam Detected in the Past 24 hours

This report has been created to alert potential mass phishing campaign which was recently conducted.
We have observed60 possible phishing websites for the Tech Support Scam in the past 24 hours. This suggests that mass phishing campaign has potentialy been conducted recently. Analysts are need to keep eyes on phishing websites as listed below or similar.

Observed Phishing Website Example

Recent IOCs

  •  hxxps://uwegghwwrubggnruwherh[.]azurewebsites[.]net/
  •  hxxps://bvruebuerubuerbbiaegverg[.]azurewebsites[.]net/
  •  hxxps://seal-app-pjwse[.]ondigitalocean[.]app/Wi0n010B00Er00100dd020/index[.]html
  •  hxxps://stagapssamsump5611ing[.]dwpmc29f1ofkj[.]amplifyapp[.]com/
  •  hxxps://aao5-secondary[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://aao5-secondary[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://f2u9dzffhv7jx[.]pages[.]dev/smart89/
  •  hxxps://www[.]page-kyxvwqisziq[.]shop/ll1504/index[.]php
  •  hxxps://mnnn3[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://23rdmayarwin1[.]z13[.]web[.]core[.]windows[.]net/
  •  hxxps://smd1[.]z31[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://smd1[.]z31[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://smd1[.]z31[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://kds3-secondary[.]z35[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://smd3-secondary[.]z31[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://smd3-secondary[.]z31[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://hbfpb9xvxgim0owuxky[.]pages[.]dev/smart89/
  •  hxxps://lla11[.]z8[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=1-855-444-0481
  •  hxxps://tronbk8y5d[.]z13[.]web[.]core[.]windows[.]net/
  •  hxxps://tron2q8fxk[.]z13[.]web[.]core[.]windows[.]net/Wind0s01Ersys44/index[.]html
  •  hxxps://rip15-secondary[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://rip15-secondary[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://rip15-secondary[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://kortakouo[.]com/mtk/kohoush[.]html
  •  hxxps://rip9-secondary[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://xdgpp7pkf4x[.]pages[.]dev/smart89/
  •  hxxps://ugmi4-secondary[.]z35[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://knnfdndofodsjodjs[.]s3[.]eu-north-1[.]amazonaws[.]com/index[.]html
  •  hxxps://mnnn6[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://serviceaca112ppca11he1pn0w11[.]pages[.]dev/
  •  hxxps://ugmi5[.]z30[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://ugmi5[.]z30[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://d27mozvjpypc6q[.]cloudfront[.]net/314733ce4/index[.]html?num=0101+%28505%29+5594-769&source=hxxp%3A%2F%2Ffiscalinvestigate[.]com
  •  hxxps://d27mozvjpypc6q[.]cloudfront[.]net/314733ce4/o7xai5bs[.]mp3
  •  hxxps://mnnn7-secondary[.]z11[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://appinf0servicesmain113[.]pages[.]dev/
  •  hxxps://mnnn9-secondary[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://mnnn9-secondary[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://staginapadbhutsubp7221g[.]d3v5h1gxvgdixd[.]amplifyapp[.]com/
  •  hxxps://emelyperez[.]autos/call/join/?moon=Osfvv6KS
  •  hxxps://valeriaramos[.]autos/call/join/?moon=Osfvv6KS
  •  hxxps://szz17-secondary[.]z35[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://asiuu99[.]z11[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://forwigjoeeiorjegoeirjhhjeri[.]azurewebsites[.]net/
  •  hxxps://smd2[.]z31[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://smd2[.]z31[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://1qrwhnel6bob2dv[.]z6[.]web[.]core[.]windows[.]net/?phone=09-70-38-96-52
  •  hxxps://bbn25-secondary[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://bbn25-secondary[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://black-river-0907b6810[.]5[.]azurestaticapps[.]net/Win08ShDMeEr0887/index[.]html
  •  hxxps://njj14-secondary[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://njj14-secondary[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://bbn26[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://appinf0servicesmain114[.]pages[.]dev/
  •  hxxps://charlottelevy[.]autos/call/join/?moon=VCLhuE9h
  •  hxxps://appnihuregfdwa112[.]pages[.]dev/
  •  hxxps://tron2q8ahvd[.]z13[.]web[.]core[.]windows[.]net/Wind0s01Ersys44/index[.]html
  •  hxxps://srk1[.]z10[.]web[.]core[.]windows[.]net//werrx01USAHTML/?bcda=1-855-399-1012
  •  hxxps://judeunderwood[.]autos/hearty/packs/?moon=Osfvv6KS/
  •  hxxps://appj8hh3[.]z13[.]web[.]core[.]windows[.]net/Win0security-helpline07/index[.]html?ph0n=1-866-464-0573
  •  hxxps://smd3[.]z31[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://d32g1zn1iir2zg[.]cloudfront[.]net/314733ce4/index[.]html?num=0101+%28505%29+5594-769&source=hxxp%3A%2F%2Fecomapper[.]org
  •  hxxps://d32g1zn1iir2zg[.]cloudfront[.]net/314733ce4/o7xai5bs[.]mp3
  •  hxxps://lapak17[.]buzz/pop/pop/?tk=o09ub6cifvex1ywtwg7kjephzl2ypdmm
  •  hxxps://wtt1rp0vqhrsdjfzuu[.]pages[.]dev/smart89/
  •  hxxps://perjsxgjqurt[.]pages[.]dev/smart89/
  •  hxxps://aao6[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://aao6[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://ftoeef47vurzbdrdw6p[.]pages[.]dev/smart89/
  •  hxxps://serviceca11appca11he1pn0w11[.]pages[.]dev/
  •  hxxps://we122-secondary[.]z8[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=09651-9399-892
  •  hxxps://iip26-secondary[.]z11[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://iip26-secondary[.]z11[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://ugmi5-secondary[.]z30[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://ugmi5-secondary[.]z30[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://islasilva[.]autos/hearty/packs/?moon=Osfvv6KS
  •  hxxps://ugmi1[.]z35[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://24maymac4[.]z13[.]web[.]core[.]windows[.]net/
  •  hxxps://asioo1[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://d332b8yy7ng8vf[.]cloudfront[.]net/314733ce4/index[.]html?num=0101+%28207%29+3833-997&source=hxxp%3A%2F%2Fbudgetgardentools[.]com
  •  hxxps://d332b8yy7ng8vf[.]cloudfront[.]net/314733ce4/o7xai5bs[.]mp3
  •  hxxps://kds1[.]z30[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://kds1[.]z30[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://kds1[.]z30[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://codewebhub01[.]z1[.]web[.]core[.]windows[.]net/Win01securityMyohelpline0041/index[.]html
  •  hxxps://serviceappinfms1[.]pages[.]dev/
  •  hxxps://mnnn7[.]z11[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://mnnn7[.]z11[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://rip16[.]z11[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://rip16[.]z11[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://asi6[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://asi6[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://ihnjwrhjrwhntrithjnregjgreht[.]azurewebsites[.]net/
  •  hxxps://bromila[.]com/8a12845fa070aea4d03df29e52d7aa5b/webs[.]mp4
  •  hxxps://ugmi4[.]z35[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://ugmi4[.]z35[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://zealous-field-076a1de1e[.]5[.]azurestaticapps[.]net/?664f65d788c5d3035462b82f&ph0n=1-858-215-6561
  •  hxxps://zealous-field-076a1de1e[.]5[.]azurestaticapps[.]net/?664f65d788c5d3035462b82f&ph0n=1-833-711-4082
  •  hxxps://ugmi6-secondary[.]z35[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://ugmi6-secondary[.]z35[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://digital-web-01[.]s3[.]sa-east-1[.]amazonaws[.]com/index[.]html?ph0nq=010-1-917-6753039
  •  hxxps://servicehe1lpn0wr112[.]pages[.]dev/
  •  hxxps://ugmi7-secondary[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://d10fq87bu1c2g9[.]cloudfront[.]net/314733ce4/o7xai5bs[.]mp3
  •  hxxps://d10fq87bu1c2g9[.]cloudfront[.]net/314733ce4/index[.]html?num=0101+%28505%29+5594-769&source=hxxp%3A%2F%2Fecocabinetry[.]org
  •  hxxps://ca11he1lpn0wr11[.]pages[.]dev/
  •  hxxps://rip8[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://rip8[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://rip8[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://appjj8f6[.]z19[.]web[.]core[.]windows[.]net/Win0security-helpline07/index[.]html?ph0n=+1-000-000-0000
  •  hxxps://tron2qi8agv[.]z13[.]web[.]core[.]windows[.]net/Wind0s01Ersys44/index[.]html
  •  hxxps://d1rivklpdpgmic[.]cloudfront[.]net/314733ce4/index[.]html?num=0101+%28505%29+5594-769&source=hxxp%3A%2F%2Fecomapper[.]org
  •  hxxps://d1rivklpdpgmic[.]cloudfront[.]net/314733ce4/o7xai5bs[.]mp3
  •  hxxps://win-alert-computer-support-pop-alert-1818-call-tollfree[.]pages[.]dev/
  •  hxxps://asiuu99-secondary[.]z11[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://asiuu99-secondary[.]z11[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://njj14[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://njj14[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://uywhryurwhwirhwrhwrhjshjk[.]azurewebsites[.]net/
  •  hxxps://kds2-secondary[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://kds2-secondary[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://kds2-secondary[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://smd1-secondary[.]z31[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://ssi1-secondary[.]z8[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=09651-9399-892
  •  hxxps://serviceca11he1pn0waa1[.]pages[.]dev/
  •  hxxps://szz12-secondary[.]z35[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://szz12-secondary[.]z35[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://ssi102[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://app6c14[.]z13[.]web[.]core[.]windows[.]net/Win0security-helpline07/index[.]html?ph0n=1-833-211-0972
  •  hxxps://mnnn3-secondary[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://he110ca11he1lpn0wwb112[.]pages[.]dev/
  •  hxxps://tron2q8kv6[.]z13[.]web[.]core[.]windows[.]net/Wind0s01Ersys44/index[.]html
  •  hxxps://srk6[.]z35[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=1-855-399-1012
  •  hxxps://grughairuwabgairuweirwhrewgh[.]azurewebsites[.]net/
  •  hxxps://24maymac13[.]z13[.]web[.]core[.]windows[.]net/
  •  hxxps://smd4-secondary[.]z31[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://njj34-secondary[.]z23[.]web[.]core[.]windows[.]net/merrx01usahtml/?bcda=1-844-621-5309
  •  hxxps://brazzerscm-error0x22908-alert-virus-detected[.]pages[.]dev/AnDrCdEr00d0CH808Err0r8An00Dr01/
  •  hxxps://0fi9aent9ceh[.]azureedge[.]net/8901/smart89/
  •  hxxps://szz14[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://szz14[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://szz14[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://darritv[.]online/
  •  hxxps://asi7[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://ca11appinf0serviceaclbmc1[.]pages[.]dev/
  •  hxxps://hdporno-error0x21503-alert-virus-detected[.]pages[.]dev/AnDrCdEr00d0CH808Err0r8An00Dr01/
  •  hxxps://lobster-app-xvyb9[.]ondigitalocean[.]app/
  •  hxxps://asiuu921-secondary[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://asiuu921-secondary[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://aax4qxqlxdnhr1bes[.]pages[.]dev/smart89/
  •  hxxps://njj13-secondary[.]z11[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://njj13-secondary[.]z11[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://njj13-secondary[.]z11[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://aao6-secondary[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://aao6-secondary[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://aao6-secondary[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://appinf0servicesmain11[.]pages[.]dev/
  •  hxxps://serviceca11he1appca11he1pn0w112[.]pages[.]dev/
  •  hxxps://edmvtyiso5dhadnhm[.]pages[.]dev/smart89/
  •  hxxps://serviceappca11he1pn0w11[.]pages[.]dev/
  •  hxxps://appnnj8hhj9[.]z13[.]web[.]core[.]windows[.]net/Win0security-helpline07/index[.]html?ph0n=+1-000-000-0000
  •  hxxps://bbn25[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://bbn25[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://kkm21-secondary[.]z11[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=1-833-549-9265
  •  hxxps://digital-web-02[.]s3[.]sa-east-1[.]amazonaws[.]com/index[.]html?ph0nq=0101-917-6953039
  •  hxxps://smd4[.]z31[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://smd4[.]z31[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://smd4[.]z31[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://serviceca11he1appca11he1pn0w11[.]pages[.]dev/
  •  hxxps://riverreke[.]z13[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=1-818-949-6661
  •  hxxps://kds3[.]z35[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://kds3[.]z35[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://ugmi6[.]z35[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://ugmi2[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://ugmi2[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://ugmi2[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://ugmi2[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://24maymic12[.]z13[.]web[.]core[.]windows[.]net/
  •  hxxps://szz13[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://szz13[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://szz13[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://szz12[.]z35[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://szz12[.]z35[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://hgrwiuhwrugwuwargwerg[.]azurewebsites[.]net/
  •  hxxps://ihmw4hiwnhwihgwgegfs[.]azurewebsites[.]net/
  •  hxxps://ugmi1-secondary[.]z35[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://ugmi1-secondary[.]z35[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://ugmi1-secondary[.]z35[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://ssi102-secondary[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://ssi102-secondary[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://ugmi7[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://ugmi7[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://ugmi7[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://gt9mkhklnucnjhpnrvpyosrkdtp8bz76kezbvposhnkhuu[.]pages[.]dev/smart89/
  •  hxxps://jasminebmt[.]pages[.]dev/
  •  hxxps://iip26[.]z11[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://iip26[.]z11[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://ssi101-secondary[.]z8[.]web[.]core[.]windows[.]net/macos/index[.]html?bcda=(0101)-50565-21383
  •  hxxps://ssi101-secondary[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50565-21383
  •  hxxps://ssi101-secondary[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://kkm3nj0mfb4jjs[.]pages[.]dev/smart89/
  •  hxxps://kewix7[.]shop/pop/pop/?tk=wrhop8o4cfyaajxdp1grlmh3tbncbivw
  •  hxxps://serviceca11he1pn0waa12[.]pages[.]dev/
  •  hxxps://usususususus[.]s3[.]eu-north-1[.]amazonaws[.]com/index[.]html
  •  hxxps://asioo1-secondary[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://asioo1-secondary[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://serviceappca11he1pn0w12[.]pages[.]dev/
  •  hxxps://tasksp0rnsassociated[.]z13[.]web[.]core[.]windows[.]net/bfvhd7ewsm[.]html
  •  hxxps://asiuu921[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://asiuu921[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://servicehe1lpn0wr11[.]pages[.]dev/
  •  hxxps://d3ideaxj9ky0x1[.]cloudfront[.]net/314733ce4/index[.]html?num=0101+%28505%29+5594-769&source=hxxp%3A%2F%2Fchicbitescafe[.]com
  •  hxxps://d3ideaxj9ky0x1[.]cloudfront[.]net/314733ce4/o7xai5bs[.]mp3
  •  hxxps://szz13-secondary[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://livediscodating[.]b-cdn[.]net/wedn[.]html
  •  hxxps://ugmi2-secondary[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://smd2-secondary[.]z31[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://smd2-secondary[.]z31[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://mnnn6-secondary[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://mnnn6-secondary[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://www[.]update[.]antivirus-cleaner[.]com/
  •  hxxps://kds1-secondary[.]z30[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://ssi101[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://twerghirwghwirhetughgreaaaw[.]azurewebsites[.]net/
  •  hxxps://windalertsud-error0x22908-alert-virus-detected[.]pages[.]dev/AnDrCdEr00d0CH808Err0r8An00Dr01/
  •  hxxps://d94hitqxyraz2[.]cloudfront[.]net/5ab6ba1da/index[.]html
  •  hxxps://d94hitqxyraz2[.]cloudfront[.]net/5ab6ba1da/index[.]html?num=0101+%28415%29+6927-932&source=hxxps%3A%2F%2Favco[.]co[.]jp
  •  hxxps://szz14-secondary[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://michelleburch[.]autos/hearty/packs/?moon=Osfvv6KS
  •  hxxps://tron2qj7agc[.]z13[.]web[.]core[.]windows[.]net/Apple0s01Ersys44/index[.]html
  •  hxxps://gtgftydcezhgvgtctyc[.]azurewebsites[.]net/
  •  hxxps://bbn20[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://aao5[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://aao5[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://d1d3e9mg6atkew[.]cloudfront[.]net/314733ce4/index[.]html?num=0101+%28505%29+5594-769&source=hxxp%3A%2F%2Fbudgetgardentools[.]com
  •  hxxps://d1d3e9mg6atkew[.]cloudfront[.]net/314733ce4/o7xai5bs[.]mp3
  •  hxxps://ugmi13-secondary[.]z30[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://www[.]page-pezziluxafi[.]shop/ll1504/index[.]php
  •  hxxps://szz17[.]z35[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://szz17[.]z35[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://szz17[.]z35[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://ca11appinf0serviceaclbmc12[.]pages[.]dev/
  •  hxxps://acxogxlaybg7qr[.]pages[.]dev/smart89/
  •  hxxps://sevoh11[.]shop/pop/pop/
  •  hxxps://ibi8vno4bu2jq88n[.]pages[.]dev/smart89/
  •  hxxps://appinf0serviceaclbmc1[.]pages[.]dev/
  •  hxxps://serviceappinfms12[.]pages[.]dev/
  •  hxxps://mnnn9[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://mnnn9[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://serviceuhfvjhms121[.]pages[.]dev/
  •  hxxps://s3[.]ap-northeast-1[.]amazonaws[.]com/intos[.]com/Amixer/www[.]notlce-diglogbcow[.]shop/ll1758/index370f[.]html
  •  hxxps://johnathondaniel[.]autos/call/join/?moon=Osfvv6KS/
  •  hxxps://asi6-secondary[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://asi6-secondary[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://rghrwghweiruhgheeruhghgherag[.]azurewebsites[.]net/
  •  hxxps://uthrhuywngvjwncdsg[.]azurewebsites[.]net/
  •  hxxps://app8c6[.]z13[.]web[.]core[.]windows[.]net/Win0security-helpline07/index[.]html?ph0n=+1-000-000-0000
  •  hxxps://lakeriisorneja[.]s3[.]us-west-1[.]amazonaws[.]com/Win08ShDMeEr0887/index[.]html
  •  hxxps://d3q3nbj33doflx[.]cloudfront[.]net/3679dd432/o7xai5bs[.]mp3
  •  hxxps://d3q3nbj33doflx[.]cloudfront[.]net/3679dd432/index[.]html?num=0101+%28505%29+9337-268&source=hxxps%3A%2F%2Favco[.]co[.]jp
  •  hxxps://jeramiahhuang[.]autos/call/join/?moon=tBxm3SRH
  •  hxxps://vbneijghegtibgndhzzfhjk[.]azurewebsites[.]net/
  •  hxxps://gray-bay-053a65b1e[.]5[.]azurestaticapps[.]net/
  •  hxxps://saooii12-secondary[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://saooii12-secondary[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://saooii12-secondary[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://bbn20-secondary[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://bbn20-secondary[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://bbn20-secondary[.]z8[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://bgpadet8lo8q6jfhyl9torgdtht3j1zvtq5l4dodnskoh0[.]pages[.]dev/smart89/
  •  hxxps://23rdmayarwin4[.]z13[.]web[.]core[.]windows[.]net/
  •  hxxps://trq21files6468h65fdtr65g67h85deploy869[.]pages[.]dev/
  •  hxxps://appinf0servicesmain112[.]pages[.]dev/
  •  hxxps://rip9[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://rip9[.]z23[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://asi7-secondary[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://asi7-secondary[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://asi7-secondary[.]z10[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152
  •  hxxps://kjmrhkwrnhktejmrwehin[.]azurewebsites[.]net/
  •  hxxps://ugmi13[.]z30[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50982-46596
  •  hxxps://ugmi13[.]z30[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50360-84553
  •  hxxps://ugmi13[.]z30[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50235-75438
  •  hxxps://ugmi13[.]z30[.]web[.]core[.]windows[.]net/windows/index[.]html?bcda=(0101)-50959-02152

Phishing URL IOCs

You can see our feed of observed IOCs for the brand on following threat intelligence platforms.
https://www.virustotal.com/gui/collection/user/noladefense/collections
https://otx.alienvault.com/user/noladefense/pulses

What is Phishing?

Phishing is a type of scam where criminals create fake websites, emails or messages that appear to be from a legitimate source, such as a bank or e-commerce site, to trick people into giving away their personal information, such as passwords or credit card numbers. They use this information to steal money, commit identity theft or carry out other fraudulent activities.

How to Handle It

If you have already accessed such phishing websites, take the following steps:
  • If you entered any personal information, change all passwords and alert your bank and credit card companies.
  • Enable multi factor authentication to prevent access from attacker.
  • If you entered any financial information, check your bank and credit card statements to ensure no fraudulent activity has occurred.
  • Install anti-virus software and keep it up-to-date to prevent future phishing attempts.
  • Be sure to also spread the word to your friends and family about this phishing site, and always be cautious when providing personal or financial information online.

Why Phishing is Dangerous

Phishing is dangerous because it can result in identity theft, financial loss, and other negative consequences. Criminals can use your personal information to open new bank accounts, apply for loans or credit cards, and even file tax returns in your name. Phishing attacks are becoming increasingly sophisticated and difficult to detect, so it is important to be cautious and vigilant when providing personal information online.

Conclusion

Phishing attacks are a serious threat that can result in significant financial and personal losses. If you have encountered a similar website, be sure to take immediate action to protect your personal and financial information. By reporting the site and spreading the word about the dangers of phishing, you can help prevent others from falling victim to these scams.