Scam Detective

Scam Campaign

Lotteries, prizes & sweepstakes Robocall Campaign

Identified on 4/22/2026

Primary Entity

domain

sbstorage.club
High Risk
  • Flagged by Google Safe Browsing
  • No SSL certificate

Campaign Narrative

This cluster centers on 2121 connected domains tagged as GuLoader, NorthKorea, censys. The domains include 59.182.90.199, 178.50.166.61, 113.168.249.76, 123.209.193.86, 113.165.6.38, 120.157.72.234, 171.235.194.253, 120.157.159.171, 37.142.77.163, 46.124.33.133, 46.124.40.3, 83.224.151.243, 88.86.246.233, 41.146.1.154, 59.182.119.128, 14.236.247.68, 120.157.72.59, 95.127.248.192, 116.110.179.199, cdn.discordapp.com and 2101 more. 576 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus.

Flagged domains in this cluster, 59.182.90.199, 178.50.166.61, 113.168.249.76, 123.209.193.86, 113.165.6.38, 120.157.72.234, 171.235.194.253, 120.157.159.171, 37.142.77.163, 46.124.33.133, 46.124.40.3, 83.224.151.243, 88.86.246.233, 41.146.1.154, 59.182.119.128, 14.236.247.68, 120.157.72.59, 95.127.248.192, 116.110.179.199, cdn.discordapp.com and 556 more.

The connected infrastructure includes 737 phone numbers (7329827031, 3232504314, 6788275429) with 291 FTC complaints; 182 email addresses (ceo@cmhomewarranty.com, robert@cmhomewarranty.com, lawnstone01@mobile.pinger.com).

Across all linked entities, consumers have filed 651 complaints with federal agencies.

Geographically, consumer complaints associated with this campaign are concentrated in Seattle, WA, Sterling Heights, MI, Austin, TX, Santa Fe, NM, Colorado Springs, CO. This regional pattern may indicate targeted operations or reflect where the scam has been most actively reported.

If you receive a call or text from any of these numbers, do not engage. Hang up immediately and do not call back. Never provide personal information or make payments to unknown callers. Do not click links to any of the flagged domains. If you have visited one, check your accounts for unauthorized activity and consider changing your passwords. Do not reply to suspicious emails or click any links or attachments they contain. Check the sender's domain carefully for misspellings or unusual variations. You can report suspicious contacts to the FTC at reportfraud.ftc.gov or to the FCC at consumercomplaints.fcc.gov.

This campaign was identified through automated analysis of FTC/FCC complaint databases, threat intelligence feeds, email threat intelligence and entity relationship mapping.

Entity Roster

Phone Numbers (737)

Domains (2121)

Emails (182)

Data Sources

Related Campaigns

Other campaigns that share phone numbers, domains, or companies with this one.

Scam Prevention Resources

Parking Revenue Recovery Services Doesn't Exist

A fake company sends official-looking parking violation notices through the mail. The letters demand payment for violations that never happened at places you never parked.

Dating Site Wants Crypto to Unlock Your Match

The voting process never ends. The fixes cost more crypto each time. The girl you picked doesn't exist.

Scratch-Off Cards Promise Free Cruises and Luxury Showcases

Those winning scratch-off cards in your mailbox aren't what they seem. The cruise invitation is fake, and the real pitch comes later.

QR Code Traffic Tickets Arrive by Text and Mail

Fake court notices with QR codes are hitting phones and mailboxes. The codes lead to credential-harvesting sites designed to steal your personal information.

(888) 269-4978 Won't Stop Calling About Loans You Never Applied For

This number has generated over 1,300 complaints in 30 days. The victims all have one thing in common: phantom loan applications they never submitted.

View all articles

NordPass — Stop reusing passwords across accounts

After a breach, attackers try stolen passwords on every site you use. NordPass generates and stores a unique password for each account.

Try NordPassAffiliate link. We may earn a commission.
View all campaigns