2024-09-30 Daily Phishing URL Summary

on

198 Phishing Websites Detected Today

We have detected 198 possible phishing websites in the past 24 hours.

Daily Trending Brands

Daily trending brands with detected URLs are follows.

1: Tech Support Scam (97)

  •  hxxps://mcrosoft-services-virus-alert0x12[.]pages[.]dev/Wi0n0erAry0mpAlert048/
  •  hxxps://27sepmic1[.]z13[.]web[.]core[.]windows[.]net/
  •  hxxps://zl0l9p7rgczptqikacgd[.]pages[.]dev/smart89/
  •  hxxps://ipupupp[.]z1[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-85532-40973
  •  hxxps://ipupupp[.]z1[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-88868-26261
  •  hxxps://tiger-ats[.]pages[.]dev/Wi0n0erAry0mpAlert048/
  •  hxxps://hbfpb9xvxgim0owuxky[.]pages[.]dev/smart89/
  •  hxxps://phonessadaeweww-secondary[.]z13[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-85532-40973
  •  hxxps://phonessadaeweww-secondary[.]z13[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-80282-93448
  •  hxxps://itsdone212-secondary[.]z13[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-80231-03264
  •  hxxps://itsdone212-secondary[.]z13[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-83178-96435
  •  hxxps://30th1s6d2x8g56013[.]z31[.]web[.]core[.]windows[.]net/
  •  hxxps://butter-ehi[.]pages[.]dev/Wi0n0erAry0mpAlert048/
  •  hxxps://frutienanna-secondary[.]z5[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-80231-03264
  •  hxxps://frutienanna-secondary[.]z5[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-83178-96435
  •  hxxps://wihwqrjmdzyo[.]pages[.]dev/smart89/
  •  hxxps://ioipoiopu-secondary[.]z1[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-80231-03264
  •  hxxps://ioipoiopu-secondary[.]z1[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-88868-26261
  •  hxxps://ioipoiopu-secondary[.]z1[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-80282-93448
  •  hxxps://ah6w5uz0pk[.]pages[.]dev/smart89/
  •  hxxps://ewewephonessada[.]z19[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-83178-96435
  •  hxxps://ewewephonessada[.]z19[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-85532-40973
  •  hxxps://ewewephonessada[.]z19[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-88868-26261
  •  hxxps://27sepmic3[.]z13[.]web[.]core[.]windows[.]net/
  •  hxxps://rose-9zs[.]pages[.]dev/Wi0n0erAry0mpAlert048/
  •  hxxps://reachingpreventsacademia[.]z13[.]web[.]core[.]windows[.]net/webd5kc70cvfes-ocicd0sokcj2vfdsd-c0do4sxcif2dsoxc-spdo7cdosc-azdew3os4ckfdes-c0vfe0w2psokx4cd-cvfep2sokcids-cvfe04wosjcc-co2ieosds6dcjfe/index[.]html
  •  hxxps://jhgf2[.]pages[.]dev/
  •  hxxps://2204four[.]pages[.]dev/
  •  hxxps://fruuitnana-secondary[.]z13[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-85532-40973
  •  hxxps://lotus-2a1[.]pages[.]dev/Wi0n0erAry0mpAlert048/
  •  hxxps://wonderful-plant-084919410[.]5[.]azurestaticapps[.]net/Win08ShDMeEr0887/index[.]html
  •  hxxps://dssfrr36[.]z9[.]web[.]core[.]windows[.]net/Wi0n0HelpErr0ShA52/index[.]html?Anph=null
  •  hxxps://itsdone212[.]z13[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-85532-40973
  •  hxxps://itsdone212[.]z13[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-80282-93448
  •  hxxps://honey-eeo[.]pages[.]dev/Wi0n0erAry0mpAlert048/
  •  hxxps://committedcommittedweb[.]z13[.]web[.]core[.]windows[.]net/Yhfeik3sjdsc0vfe6wpsxos-dewp2ssqazoc-spocide3pslks-d0wfr4paosk-d0eobg2wksjd-fdewps2odiews-fdpeo4skdf0fd2ep-sods3psodsdwp6soknb/index[.]html
  •  hxxps://sdcsdgh5623ms[.]pages[.]dev/
  •  hxxps://cursor-1zy[.]pages[.]dev/Wi0n0erAry0mpAlert048/
  •  hxxps://storaggee1[.]z24[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=1-806-544-1112
  •  hxxps://house-enh[.]pages[.]dev/Wi0n0erAry0mpAlert048/
  •  hxxps://btncheck00showme020[.]z11[.]web[.]core[.]windows[.]net/maxmini/00MacdbfGyUjLPMacin8089/index[.]html
  •  hxxps://djsksheiuejwqiudsdsiegqdhsadiadisudg[.]s3[.]eu-central-003[.]backblazeb2[.]com/index[.]html
  •  hxxps://wind-5lz[.]pages[.]dev/Wi0n0erAry0mpAlert048/
  •  hxxps://fkbacoizsetol[.]z13[.]web[.]core[.]windows[.]net/wintossfo/index[.]html
  •  hxxps://iuiouuou[.]z19[.]web[.]core[.]windows[.]net/merrx01usahtml/?bcda=(0101)-88868-26194
  •  hxxps://iuiouuou[.]z19[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-88868-26194
  •  hxxps://27sepmic5[.]z13[.]web[.]core[.]windows[.]net/
  •  hxxps://mac-8el[.]pages[.]dev/Wi0n0erAry0mpAlert048/
  •  hxxps://money-aa0[.]pages[.]dev/Wi0n0erAry0mpAlert048/
  •  hxxps://tedszdg54wsrtgzgt[.]pages[.]dev/
  •  hxxps://lucky-35r[.]pages[.]dev/Wi0n0erAry0mpAlert048/
  •  hxxps://keyboard-5yz[.]pages[.]dev/Wi0n0erAry0mpAlert048/
  •  hxxps://eg2duiczqgnstsk[.]pages[.]dev/smart89/
  •  hxxps://knyreraxcw887n[.]pages[.]dev/smart89/
  •  hxxps://oiuoiuu-secondary[.]z1[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-80231-03264
  •  hxxps://oiuoiuu-secondary[.]z1[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-85532-40973
  •  hxxps://oiuoiuu-secondary[.]z1[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-88868-26261
  •  hxxps://vbc5ectfugjuf6e[.]pages[.]dev/
  •  hxxps://win9u98ue8ygr78f8b[.]pages[.]dev/
  •  hxxps://dominoes7-secondary[.]z24[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-80231-03264
  •  hxxps://dominoes7-secondary[.]z24[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-83178-96435
  •  hxxps://phonessadaeweww[.]z13[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-80231-03264
  •  hxxps://phonessadaeweww[.]z13[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-83178-96435
  •  hxxps://smartwork-b3w[.]pages[.]dev/Wi0n0erAry0mpAlert048/
  •  hxxps://monkey-6sb[.]pages[.]dev/Wi0n0erAry0mpAlert048/
  •  hxxps://micropageshubactivity[.]z13[.]web[.]core[.]windows[.]net/Nsdwi3sjdiw5asxks-c0fdew0spoxc2id5sxcd-sdoew2psod-s0dewso4kxcids-cdwps2oc5dwps-dwosid4ewos-ddof2ewpsd-sd0oewp5sodesod7ewos/index[.]html
  •  hxxps://jhgf1[.]pages[.]dev/
  •  hxxps://mouse-6sq[.]pages[.]dev/Wi0n0erAry0mpAlert048/
  •  hxxps://ipupupp-secondary[.]z1[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-80231-03264
  •  hxxps://ipupupp-secondary[.]z1[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-83178-96435
  •  hxxps://phonessada-secondary[.]z13[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-88868-26261
  •  hxxps://phonessada-secondary[.]z13[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-80282-93448
  •  hxxps://27sepmic7[.]z13[.]web[.]core[.]windows[.]net/
  •  hxxps://monkfish-app-2mw69[.]ondigitalocean[.]app/os/ER0err0r1111KHSL9(RR00rWiSe)/Err(OR0013)/adv(0017HK)/index1[.]html
  •  hxxps://fly-df5[.]pages[.]dev/Wi0n0erAry0mpAlert048/
  •  hxxps://ewewephonessada-secondary[.]z19[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-80231-03264
  •  hxxps://ewewephonessada-secondary[.]z19[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-80282-93448
  •  hxxps://phonessadawqwwwq-secondary[.]z13[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-83178-96435
  •  hxxps://phonessadawqwwwq-secondary[.]z13[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-85532-40973
  •  hxxps://dominoes7[.]z24[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-88868-26261
  •  hxxps://dominoes7[.]z24[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-85532-40973
  •  hxxps://bzxr1tfchwjkqxjr8ftb[.]pages[.]dev/smart89/
  •  hxxps://27sepmic6[.]z13[.]web[.]core[.]windows[.]net/
  •  hxxps://oiuoiuu[.]z1[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-83178-96435
  •  hxxps://oiuoiuu[.]z1[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-80282-93448
  •  hxxps://ld0fiqsqyxcb[.]pages[.]dev/smart89/
  •  hxxps://fruuitnana[.]z13[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-80231-03264
  •  hxxps://fruuitnana[.]z13[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-83178-96435
  •  hxxps://monkfish-app-blb5w[.]ondigitalocean[.]app/
  •  hxxps://jhgf3[.]pages[.]dev/
  •  hxxps://frutienanna[.]z5[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-88868-26852
  •  hxxps://ioipoiopu[.]z1[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-83178-96435
  •  hxxps://ioipoiopu[.]z1[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-85532-40973
  •  hxxps://phonessada[.]z13[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-80231-03264
  •  hxxps://phonessada[.]z13[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-83178-96435
  •  hxxps://phonessadawqwwwq[.]z13[.]web[.]core[.]windows[.]net/werrx01USAHTML/?bcda=(0101)-80231-03264
  •  hxxps://kuhsrdqsflefkzyq3ci[.]pages[.]dev/smart89/

2: Potential Shop Scam (25)

  •  hxxps://www[.]thenorthface-nederland[.]com/
  •  hxxps://www[.]ariatbootsmexico[.]com[.]mx/
  •  hxxps://www[.]hellyhansenespana[.]es/
  •  hxxps://www[.]showpoaustralia[.]com[.]au/
  •  hxxps://www[.]thenorthfacedeutschlandonline[.]com/
  •  hxxps://www[.]timexwatchesaustralia[.]com[.]au/
  •  hxxps://www[.]thenorthface-india[.]co[.]in/
  •  hxxps://sam-sonite-nederland[.]com/
  •  hxxps://www[.]ovoclothingukstore[.]com/
  •  hxxps://www[.]the-northface[.]jp/
  •  hxxps://www[.]viponlinexg[.]icu/
  •  hxxps://mail[.]pandora[.]sa[.]com/
  •  hxxps://mail[.]viponlinexg[.]icu/
  •  hxxps://www[.]hellyhansen-southafrica[.]co[.]za/
  •  hxxps://www[.]ragandboneaustralia[.]com[.]au/
  •  hxxps://www[.]owala-ie[.]com/
  •  hxxps://www[.]tbaustralia[.]com/
  •  hxxps://www[.]bodenusa[.]top/
  •  hxxps://www[.]wayofwade[.]com[.]au/
  •  hxxps://www[.]uniqlocolombiabogota[.]com[.]co/
  •  hxxps://www[.]unszurich[.]com/
  •  hxxps://www[.]oral-buk[.]com/
  •  hxxps://www[.]lululemonrabatt[.]de/
  •  hxxps://www[.]spanxdeutschland[.]de/
  •  hxxps://www[.]longchampbagsouthafrica[.]com/

3: AT&T (23)

  •  hxxps://iagreewithattmailtermsofuse[.]weeblysite[.]com/
  •  hxxps://sign-in-109688cfdx[.]weeblysite[.]com/
  •  hxxps://att3234[.]weeblysite[.]com/
  •  hxxps://newcurrenty0[.]weeblysite[.]com/
  •  hxxps://home-101412[.]weeblysite[.]com/
  •  hxxps://home-101814[.]weeblysite[.]com/
  •  hxxps://attlo0[.]weeblysite[.]com/
  •  hxxps://att-103927[.]weeblysite[.]com/
  •  hxxps://mail-104093[.]weeblysite[.]com/
  •  hxxps://att-106929[.]weeblysite[.]com/
  •  hxxps://home-109919[.]weeblysite[.]com/
  •  hxxps://att-109034[.]weeblysite[.]com/
  •  hxxps://attcom-101328[.]weeblysite[.]com/
  •  hxxps://bt-107881[.]weeblysite[.]com/
  •  hxxps://home-100694[.]weeblysite[.]com/
  •  hxxps://home-101941[.]weeblysite[.]com/
  •  hxxps://mail-100202[.]weeblysite[.]com/
  •  hxxps://att-inc-100974[.]weeblysite[.]com/
  •  hxxps://home-107257[.]weeblysite[.]com/
  •  hxxps://att-login380[.]weeblysite[.]com/
  •  hxxps://home-103587[.]weeblysite[.]com/
  •  hxxps://home-109628-103024[.]weeblysite[.]com/
  •  hxxps://shaw-101954[.]weeblysite[.]com/

4: Microsoft (11)

  •  hxxps://ipfs[.]runfission[.]com/ipfs/bafkreida6nozfksc4gzc2wz6xkh2jlfjcfq2xrt2q355hvbqtwp657gq5q/
  •  hxxps://720334-microsoft[.]com/signin?client_id=66fb33627f1d0-66fb33627f1ea-66fb33627f1eb-66fb33627f1ec&oauth_challenge=66fb33627f1ed-66fb33627f1ee-66fb33627f1ef-66fb33627f1f0
  •  hxxp://frontieraccessories-securefile[.]s3-website[.]us-east-2[.]amazonaws[.]com/
  •  hxxps://jasmine2211-crypto[.]github[.]io/cloudhost/
  •  hxxps://pub-d3e6397462f14fe4862bdc9854c18d5f[.]r2[.]dev/in[.]html
  •  hxxps://www[.]secure[.]qqp[.]zle[.]temporary[.]site/
  •  hxxps://pub-10db0c7b0e09403bb42162f52e2acdd7[.]r2[.]dev/compsob[.]html
  •  hxxps://pub-73ee129d9ec943f785408564adcaf985[.]r2[.]dev/cryn[.]html
  •  hxxps://jxsuuedbsi8ewqbjsakkkjsjdhakiewqhd[.]s3[.]eu-central-003[.]backblazeb2[.]com/index[.]html
  •  hxxps://storageapi-new[.]fleek[.]co/ab4b0b67-82a9-451d-a0eb-cf71e80f8c44-bucket/yss/ind[.]html
  •  hxxps://329345-microsoft[.]com/signin?client_id=66fa8c1eb6a5b-66fa8c1eb6a5d-66fa8c1eb6a5e-66fa8c1eb6a5f&oauth_challenge=66fa8c1eb6a60-66fa8c1eb6a61-66fa8c1eb6a62-66fa8c1eb6a63

5: Generic Email (8)

  •  hxxps://89800909y[.]boltonresin[.]co[.]uk/u0-0p9g-9-9hggh-gh[.]html
  •  hxxps://bafybeibuck7dj7ymeh3plp76dtlqg4sic6l5n3sx2bvihb3hyjmyb2aq3y[.]ipfs[.]dweb[.]link/
  •  hxxps://bafybeibuck7dj7ymeh3plp76dtlqg4sic6l5n3sx2bvihb3hyjmyb2aq3y[.]ipfs[.]dweb[.]link/?openboxmailer/auto/eMail[.]web/987FTmail[.]authenticate/checking_auth0/authenticate-userid/84778949884903948993839/
  •  hxxps://webpixie[.]bluedigitalmagic[.]com/wp-admin/images/kjhfexwwehjlkiivxzaqpopllmmnbggtreesccvbb[.]html
  •  hxxps://hollow-sunset-broad[.]on-fleek[.]app/
  •  hxxps://medcmetalbolia-herbal[.]pages[.]dev/
  •  hxxps://sitecloneai[.]digisprout[.]live/download/page/66f44762282a3/?mc_phishing_protection_id=28396-crrdd17s2tuvnoae5gkg
  •  hxxps://d2im[.]sman1anjatan[.]sch[.]id/grfe3t4few/

6: OneDrive (5)

  •  hxxps://oo1ll740ed[.]com/
  •  hxxps://adobe-joj[.]pages[.]dev/
  •  hxxps://pub-97b96357bcf44c5696f04c969ab43125[.]r2[.]dev/index[.]html
  •  hxxps://gfmissions[.]org/newbrav/index[.]php
  •  hxxps://pub-bdca4a384d1c4d4e8bae21f39be59851[.]r2[.]dev/adobe[.]html

7: Metamask (4)

  •  hxxps://metaasklogim[.]gitbook[.]io/us
  •  hxxps://metamasklogin-com[.]webflow[.]io/
  •  hxxps://metamaskhylogogin[.]gitbook[.]io/us
  •  hxxps://walletus-meatamaskk[.]webflow[.]io/

8: PayPal (4)

  •  hxxps://support-client-brf[.]codeanyapp[.]com/PAYYYY/infos/bf/loading[.]php?
  •  hxxps://paypal-sicherheitsupdate[.]com/steps/login[.]php
  •  hxxps://ppl-de[.]13-60-59-225[.]cprapid[.]com/
  •  hxxps://miracle-100[.]pages[.]dev/%7Bcobrand%7D/cgi-bin/helps

9: BT (3)

  •  hxxps://bchhek[.]weeblysite[.]com/
  •  hxxps://bt-internet-101345[.]weeblysite[.]com/
  •  hxxps://bt-109011[.]weeblysite[.]com/

10: Netflix (3)

  •  hxxps://shadepull[.]com/nt/index0[.]php
  •  hxxps://www[.]netflixaccount[.]info/login[.]php?sessionid=7483238a57b46fc54360781984b92547&ue=7483238a57b46fc54360781984b92547
  •  hxxp://videotr[.]online/

Phishing URL IOCs

You can see our feed of observed IOCs for the brand on following threat intelligence platforms.

What is Phishing?

Phishing is a type of scam where criminals create fake websites, emails or messages that appear to be from a legitimate source, such as a bank or e-commerce site, to trick people into giving away their personal information, such as passwords or credit card numbers. They use this information to steal money, commit identity theft or carry out other fraudulent activities.

How to Handle It

If you have already accessed such phishing websites, take the following steps:
  1. If you entered any personal information, change all passwords and alert your bank and credit card companies.
  2. Enable multi factor authentication to prevent access from attacker.
  3. If you entered any financial information, check your bank and credit card statements to ensure no fraudulent activity has occurred.
  4. Install anti-virus software and keep it up-to-date to prevent future phishing attempts.
  5. Be sure to also spread the word to your friends and family about this phishing site, and always be cautious when providing personal or financial information online.

Why Phishing is Dangerous

Phishing is dangerous because it can result in identity theft, financial loss, and other negative consequences. Criminals can use your personal information to open new bank accounts, apply for loans or credit cards, and even file tax returns in your name. Phishing attacks are becoming increasingly sophisticated and difficult to detect, so it is important to be cautious and vigilant when providing personal information online.

Conclusion

Phishing attacks are a serious threat that can result in significant financial and personal losses. If you have encountered a similar website, be sure to take immediate action to protect your personal and financial information. By reporting the site and spreading the word about the dangers of phishing, you can help prevent others from falling victim to these scams.