This cluster centers on 2382 connected domains tagged as PureHVNC, elf, sh. 572 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 969 phone numbers (8772427372, 1319641540, 1319641221) with 557 FTC complaints; 690 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2228 complaints with federal agencies. Geog...
Phone Number
(356) 235-3108
Last reported Feb 24, 2026
Low Activity
- 1 community report from users
Campaign Intelligence
This cluster centers on 2396 connected domains tagged as 156-233-71-230, Quakbot, lnk. 586 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 969 phone numbers (8772427372, 1319641540, 1319641221) with 565 FTC complaints; 690 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2237 complaints with federal agen...
This cluster centers on 1895 connected domains tagged as BeaverTail, RedLineStealer, password: 2026. 113 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 934 phone numbers (8772427372, 1319641540, 1319641221) with 524 FTC complaints; 683 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2093 complaints wit...
This cluster centers on 2416 connected domains tagged as BABADEDA, WallStealer, meterpreter. 607 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 969 phone numbers (5086371451, 9366439335, 1842506726) with 570 FTC complaints; 690 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2243 complaints with federa...
This cluster centers on 2764 connected domains tagged as BeaverTail, Kaiji, fbf543. 645 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 1132 phone numbers (7638857447, 8664372914, 2157987305) with 10266 FTC complaints; 146 companies (JPMORGAN CHASE & CO., Advanced Resolution Services Inc., EVERBANK, NATIONAL ASSOCIATION) with 8616274 CFPB complaints; 298 email addresses (xxxxxxxxxxxxxxxxxxxxxxxx@vm...
This cluster centers on 3287 connected domains tagged as HijackLoader, RemcosRAT, screenconnect. 617 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 1649 phone numbers (5408463620, 8552597377, 8007873903) with 7110 FTC complaints; 143 companies (Informative LLC, HomePlus Corporation, Doral Capital Corporation) with 8547081 CFPB complaints; 807 email addresses (kellymoore_64@yahoo.com, schantzsybg7@...
This cluster centers on 2874 connected domains tagged as QuasarRAT, StealitStealer, pw-k53mv9bc. 652 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 1375 phone numbers (2157987305, 2025069230, 2028641298) with 14635 FTC complaints; 160 companies (JPMORGAN CHASE & CO., Advanced Resolution Services Inc., EVERBANK, NATIONAL ASSOCIATION) with 8680419 CFPB complaints; 299 email addresses (abuse@fb.com, ...
Part of: Other Robocall Campaign3/27/2026
Details
Connected Entities
Related Phone Numbers
Community Reports
Moonpay: Phishing email Not sure what the goal is with this one. They include a PDF, but a preview in Google shows nothing. Not sure if it's got some sort of executable hiding in it or if they are hoping you reply. I don't see any reason for my org to utilize Moonpay, so I'll see if I can set a rule to block future emails of this ilk. But something new for all you admins to keep an eye on. **From:** Billdesk <[jvvkgjvivig@gmail.com](mailto:jvvkgjvivig@gmail.com)\> **Subject:** Hi <your name> **Body:** Dear <your name>, You've sent a payment of $611.18 USD to MoonPay USA LLC. Here are the details attached about your automated payment. Your payment: Transaction ID : PP45W3E456 Payment date: 11-Sep-2023 Payment Method: Automatic CC debit Registerd Name: <your name> Registered address: <your address> Your payment has been processed in line with the User Agreement. For any query, Contact Support at: +1 (201) 688-7045 Details about your automatic payment: Profile ID: M-R3E4R3562353108P4 Amount per cycle: $611.18 USD Period of billing: Monthly Payments begin on: 11-Sep-2023 Your next payment: Due: 11-Oct-2023 Amount: $611.18 USD Need Help? We are not able to make changes to your order, but you do have the option to cancel it. If you want to cancel the order or make refund, feel free to contact the help desk at: +1 (201) 688-7045 We don't check this mailbox, so please don't reply to this message. If you have a question, go to Help & Contact. We have sent this message to <your name>, (<your email>). We are committed to your privacy. Learn more about our privacy notice and user agreement.
928 days ago1 upvote
Share Your Experience
What's Your Exposure?
Know your risk exposure to this message with a Thorough Analysis. It returns a detailed report covering the complaint history, your data breach exposure, related scam entities, and risk signals tied to this email message. Check the box and enter your email address now.
Proton Pass — Unique passwords for every account
After a breach, reused passwords let attackers into your other accounts. Proton Pass generates and stores a unique password for each one.
Try Proton Pass freeAffiliate link. We may earn a commission.