Domain

varomoney.com

First seen Feb 24, 2026

Suspicious

No SSL certificate
1 community report from users

Campaign Intelligence

This cluster centers on 2382 connected domains tagged as PureHVNC, elf, sh. 572 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 969 phone numbers (8772427372, 1319641540, 1319641221) with 557 FTC complaints; 690 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2228 complaints with federal agencies. Geog...

Part of: Dropped call or no message Robocall Campaign3/17/2026

This cluster centers on 2396 connected domains tagged as 156-233-71-230, Quakbot, lnk. 586 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 969 phone numbers (8772427372, 1319641540, 1319641221) with 565 FTC complaints; 690 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2237 complaints with federal agen...

Part of: Lotteries, prizes & sweepstakes Robocall Campaign3/18/2026

This cluster centers on 1895 connected domains tagged as BeaverTail, RedLineStealer, password: 2026. 113 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 934 phone numbers (8772427372, 1319641540, 1319641221) with 524 FTC complaints; 683 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2093 complaints wit...

Part of: Medical & prescriptions Robocall Campaign2/26/2026

This cluster centers on 2416 connected domains tagged as BABADEDA, WallStealer, meterpreter. 607 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 969 phone numbers (5086371451, 9366439335, 1842506726) with 570 FTC complaints; 690 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2243 complaints with federa...

Part of: Lotteries, prizes & sweepstakes Robocall Campaign3/19/2026

This cluster centers on 3287 connected domains tagged as HijackLoader, RemcosRAT, screenconnect. 617 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 1649 phone numbers (5408463620, 8552597377, 8007873903) with 7110 FTC complaints; 143 companies (Informative LLC, HomePlus Corporation, Doral Capital Corporation) with 8547081 CFPB complaints; 807 email addresses (kellymoore_64@yahoo.com, schantzsybg7@...

Part of: Dropped call or no message Robocall Campaign3/21/2026

Details

First Seen

2/24/2026

Related Domains

identity@varomoney.com

reported together

Community Reports

Varo Bank account opened in my name **TL;DR**: I received a debit card opened in my name for a bank I have never heard of; what steps should I take to protect my identity? Recently, I received a debit card in the mail from Varo Bank that looked like any run-of-the-mill marketing credit card. However, the card caught my attention as it had my full name printed on the card (and the card had a chip, something that seems a bit expensive for a piece of marketing). The envelope for the card had steps on how to "activate your card." Upon a quick Google, I found [this Reddit thread](https://www.reddit.com/r/Scams/comments/w470sn/varo_bank_sent_me_a_card_with_all_my_correct/) where others seem to have had similar experiences. Following some advice in the thread, I reached out to [identity@varomoney.com](mailto:identity@varomoney.com). I received terse replies from their email in which they asked me to confirm the last four digits of the debit card, as well as my full name. After not having heard back from them in several days (though some of this may have been given the holiday timing), I received a boilerplate email with instructions on how to protect one's identity. Here is a sample of the content: >We are sorry for the long wait and to hear you believe you may have been a victim of identity theft. Unfortunately, fraudsters often use stolen identity information to open accounts in your name. Often, identity thieves will use another person’s personal information, such as a social security number, mother’s maiden name, date of birth, or account number to open fraudulent new credit card accounts, charge existing credit card accounts, write checks, open bank accounts, or obtain new loans. They may obtain this information by. . . **So, here is my question for any experts or kind souls who come across this post:** what *should* I do? And how worried should I be? The email suggests some generic steps that I figure I ought to take: report to the FTC, place a fraud alert on my

849 days ago1 upvote

Share Your Experience

What's Your Exposure?

Know your risk exposure to this message with a Thorough Analysis. It returns a detailed report covering the complaint history, your data breach exposure, related scam entities, and risk signals tied to this email message. Check the box and enter your email address now.

Proton VPN — Block malicious sites and encrypt your connection

Proton VPN routes your traffic through encrypted servers and blocks known malware domains. Free plan available.

Get Proton VPNAffiliate link. We may earn a commission.