**Multi-Domain Scam Campaign Targeting Job Seekers and Government Service Users**
Our investigation has identified a sophisticated scam operation utilizing seven interconnected domains registered through NAMECHEAP INC between October 8-15, 2025. The domains include jobhiringplc.com, epassportservices.org, wavendra.shop, machineryandtractor.com, tidepetal.com, www.skyboundfreight.com, and mivrass-us.com. All seven domains share the same underlying infrastructure, indicating coordinated operation by the same threat actors. This network demonstrates a deliberate strategy to create multiple fraudulent websites across different service categories to maximize victim reach.
The campaign targets consumers through multiple vectors, with community reports revealing fake job postings impersonating major corporations and fraudulent government services. One victim reported receiving a scam email claiming to be from "Netflix US" for a "Remote Office Clerk" position after applying through LinkedIn, while another described a fake "Data Entry Clerk – Remote position at PepsiCo (US)" offer. Additionally, epassportservices.org specifically targets parents seeking U.S. passport applications for children, with one victim reporting they "proceeded to fill out the application" on the fraudulent site. These reports demonstrate the campaign's broad approach, exploiting both employment desperation and essential government service needs.
The operation shows significant consumer impact potential, particularly when viewed alongside related entities TITLE FINANCIAL CORPORATION (3 CFPB complaints in mortgage services) and Credit Corp Solutions Inc. (2,743 CFPB complaints in debt collection). The combination of fake job offers, fraudulent government services, and problematic financial entities suggests a comprehensive scheme designed to collect personal information, financial data, and potentially advance fee payments from vulnerable consumers across multiple touchpoints.
**Consumer Protection Recommendations**
If you receive job offers or are directed to government service websites, verify legitimacy by contacting the company or agency directly through official channels listed on their verified websites or phone directories. Never provide personal information, Social Security numbers, or payment details through unsolicited emails or unfamiliar websites. If contacted by these entities, hang up immediately, do not click any links in emails, and report the incident to the FTC at reportfraud.ftc.gov or file complaints with the FCC for phone-based scams. To check if a phone number or domain is safe, search for it online with terms like "scam" or "fraud," and verify company websites by typing URLs directly into your browser rather than clicking links.
This campaign represents a high-threat, multi-vector operation with demonstrated ability to impersonate legitimate employers and government services. Consumers should exercise extreme caution with any communications from these domains and immediately report encounters to federal authorities. The coordinated infrastructure and diverse targeting methods indicate sophisticated threat actors with significant operational capacity.