This cluster centers on 2382 connected domains tagged as PureHVNC, elf, sh. 572 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 969 phone numbers (8772427372, 1319641540, 1319641221) with 557 FTC complaints; 690 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2228 complaints with federal agencies. Geog...
Domain
blog.avast.com
First seen Feb 22, 2026
Suspicious
- No SSL certificate
- 1 community report from users
Campaign Intelligence
This cluster centers on 2396 connected domains tagged as 156-233-71-230, Quakbot, lnk. 586 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 969 phone numbers (8772427372, 1319641540, 1319641221) with 565 FTC complaints; 690 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2237 complaints with federal agen...
This cluster centers on 1895 connected domains tagged as BeaverTail, RedLineStealer, password: 2026. 113 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 934 phone numbers (8772427372, 1319641540, 1319641221) with 524 FTC complaints; 683 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2093 complaints wit...
This cluster centers on 2416 connected domains tagged as BABADEDA, WallStealer, meterpreter. 607 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 969 phone numbers (5086371451, 9366439335, 1842506726) with 570 FTC complaints; 690 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2243 complaints with federa...
This cluster centers on 2764 connected domains tagged as BeaverTail, Kaiji, fbf543. 645 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 1132 phone numbers (7638857447, 8664372914, 2157987305) with 10266 FTC complaints; 146 companies (JPMORGAN CHASE & CO., Advanced Resolution Services Inc., EVERBANK, NATIONAL ASSOCIATION) with 8616274 CFPB complaints; 298 email addresses (xxxxxxxxxxxxxxxxxxxxxxxx@vm...
This cluster centers on 3287 connected domains tagged as HijackLoader, RemcosRAT, screenconnect. 617 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 1649 phone numbers (5408463620, 8552597377, 8007873903) with 7110 FTC complaints; 143 companies (Informative LLC, HomePlus Corporation, Doral Capital Corporation) with 8547081 CFPB complaints; 807 email addresses (kellymoore_64@yahoo.com, schantzsybg7@...
This cluster centers on 2874 connected domains tagged as QuasarRAT, StealitStealer, pw-k53mv9bc. 652 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 1375 phone numbers (2157987305, 2025069230, 2028641298) with 14635 FTC complaints; 160 companies (JPMORGAN CHASE & CO., Advanced Resolution Services Inc., EVERBANK, NATIONAL ASSOCIATION) with 8680419 CFPB complaints; 299 email addresses (abuse@fb.com, ...
Part of: Other Robocall Campaign3/27/2026
Details
Related Domains
No known connections to other entities yet.
Community Reports
I'm assuming this is a sextortion email? Haven't seen one with the same wording but its very similar to some other ones I've seen after doing some research. Found this article that should calm some people down if you see something similar. https://blog.avast.com/digging-into-sextortion-emails-avast from Jason House essenbergcoricie1985@ yahoo.com "U wank off so actively, as though this is a new type of sports and u work out. This activeness would be enviable, but you bark up the wrong tree! I simply can't understand, how you have not ripped your cock off yet pleasuring urself so actively! Please, tell me honestly, ur hand isn't tired yet? Get some rest from it more often. I'm certain, if you dedicated as much time and effort as you dedicate to masturbating to basketball, you could have become the new Michael Jordan long ago. I'm not interested in the stuff u do in your own time, but there are people who will be interested in this… I guess I'll search for them among the contacts from ur email. You are not careful with ur safety, hide at least the camera of your device from now on. I wasn't very pleased when have gained access to to ur camera, being honest, it's not the most pleasant show, but, as you could have got, I shot your clip. BTC 13hiVVNMPFaE2tDLG94rHmCqfuCJvPeJ9i, 1046 USD. You will have 39 h to persuade me not to share ur video with ur contact list. You have to address my requirements, it is pointless to write me, I am going to delete the email address to ensure my security. If u decide that my demands are not worth attention, your clip will be sent to your contact list, and if I will be pleased, the clip will disappear and I am not gonna bother you again." #update: nothing happened
1642 days ago4 upvotes
Share Your Experience
What's Your Exposure?
Know your risk exposure to this message with a Thorough Analysis. It returns a detailed report covering the complaint history, your data breach exposure, related scam entities, and risk signals tied to this email message. Check the box and enter your email address now.
Proton VPN — Block malicious sites and encrypt your connection
Proton VPN routes your traffic through encrypted servers and blocks known malware domains. Free plan available.
Get Proton VPNAffiliate link. We may earn a commission.