Scam Detective
Phone Number

(416) 367-4106

Last reported Mar 28, 2026

Low Activity
  • 2 community reports from users

Campaign Intelligence

This cluster centers on 2382 connected domains tagged as PureHVNC, elf, sh. 572 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 969 phone numbers (8772427372, 1319641540, 1319641221) with 557 FTC complaints; 690 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2228 complaints with federal agencies. Geog...

Part of: Dropped call or no message Robocall Campaign3/17/2026

This cluster centers on 2396 connected domains tagged as 156-233-71-230, Quakbot, lnk. 586 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 969 phone numbers (8772427372, 1319641540, 1319641221) with 565 FTC complaints; 690 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2237 complaints with federal agen...

Part of: Lotteries, prizes & sweepstakes Robocall Campaign3/18/2026

This cluster centers on 1895 connected domains tagged as BeaverTail, RedLineStealer, password: 2026. 113 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 934 phone numbers (8772427372, 1319641540, 1319641221) with 524 FTC complaints; 683 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2093 complaints wit...

Part of: Medical & prescriptions Robocall Campaign2/26/2026

This cluster centers on 2416 connected domains tagged as BABADEDA, WallStealer, meterpreter. 607 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 969 phone numbers (5086371451, 9366439335, 1842506726) with 570 FTC complaints; 690 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2243 complaints with federa...

Part of: Lotteries, prizes & sweepstakes Robocall Campaign3/19/2026

This cluster centers on 2764 connected domains tagged as BeaverTail, Kaiji, fbf543. 645 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 1132 phone numbers (7638857447, 8664372914, 2157987305) with 10266 FTC complaints; 146 companies (JPMORGAN CHASE & CO., Advanced Resolution Services Inc., EVERBANK, NATIONAL ASSOCIATION) with 8616274 CFPB complaints; 298 email addresses (xxxxxxxxxxxxxxxxxxxxxxxx@vm...

Part of: Reducing your debt (credit cards, mortgage, student loans) Robocall Campaign3/26/2026

This cluster centers on 3287 connected domains tagged as HijackLoader, RemcosRAT, screenconnect. 617 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 1649 phone numbers (5408463620, 8552597377, 8007873903) with 7110 FTC complaints; 143 companies (Informative LLC, HomePlus Corporation, Doral Capital Corporation) with 8547081 CFPB complaints; 807 email addresses (kellymoore_64@yahoo.com, schantzsybg7@...

Part of: Dropped call or no message Robocall Campaign3/21/2026

This cluster centers on 2874 connected domains tagged as QuasarRAT, StealitStealer, pw-k53mv9bc. 652 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 1375 phone numbers (2157987305, 2025069230, 2028641298) with 14635 FTC complaints; 160 companies (JPMORGAN CHASE & CO., Advanced Resolution Services Inc., EVERBANK, NATIONAL ASSOCIATION) with 8680419 CFPB complaints; 299 email addresses (abuse@fb.com, ...

Part of: Other Robocall Campaign3/27/2026

This cluster centers on 1486 connected domains tagged as None, keylogger. 5 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 1364 phone numbers (3124141737, 3163966869, 8553892999) with 17909 FTC complaints; 170 companies (EQUIFAX, INC., TRANSUNION INTERMEDIATE HOLDINGS, INC., BANK OF AMERICA, NATIONAL ASSOCIATION) with 8747332 CFPB complaints; 187 email addresses (xxxxxxxxxxxxxxxxxxxxxxxx@vmh5.grup...

Part of: No Subject Provided Robocall Campaign3/28/2026

Details

First Seen
2/23/2026
Last Reported
3/28/2026
Area Code
416

Linked Company Activity

Block, Inc.
380 BBB complaints
Credit Corp Solutions Inc.
2313 BBB complaints
ACCESS GROUP INC.
338 BBB complaints
ACCOUNT SERVICES INC.
2342 BBB complaints
Direct, Inc
631 BBB complaints

Connected Entities

Community Reports

Strange email from “FidelityLife” that ends in a while dump of random gibberish I’m sorry this is so long but I copied and pasted everything in the email onto here. I got an email from FidelityLife but the address is actually “dYkgasn.157kXxQ1WN4f-noReply@ boyhip. net” and was sent to me at “[myemail]@outlook.com” but I use gmail so I’m not sure how this even got to me. If anybody has some insight as to what happened, why all that gibberish is there, what it might mean, or how it got to me, I’d really appreciate it. Again, sorry for the long post. Thank you. Edited to add: A lot of the random stuff below was in different font sizes, underlines, strikethroughs, links, and languages. Obviously the formatting didn’t stay the same when I copied it. It’s so strange. $1 million in Life Insurance Coverage 91.210.190.69 3778359 mVfquWzirv.edu SUHkoLItUn.edu cAgbDSupyr.edu cOcPBjIMvq.edu hfmnXHTsNN.edu zaLTuRFJOP.edu wNRctsqdJf.edu KJpRcFSKBS.edu KwmroGAnkW.edu lbBOyNQcMr.edu NqgjdnvIOX.edu eUBlpVUEUJ.edu SCxgfoSdRw.edu bfJyltJRld.edu VQcakwaWNb.edu XQKuBDaUYh.edu PFtOfXEUJU.edu YyHgxSSQGu.edu BCVYjbbqpi.edu uMYlOiNRgF.edu FqkZggwZYR.edu dVEprVwEoU.edu muRoCLAmmo.edu nqCKVPwgyD.edu XZBGxzxQzk.edu QujAtAtgsp.edu JVliSiMaNM.edu mPKmeOWZlU.edu pvJvTyPCVj.edu vSibrFSEez.edu qNdfvSrfDi.edu qjEjdayZJz.edu MYRcKhuYGt.edu PjuAhYFdRf.edu OhGTpUMujE.edu wFuMcClbUU.edu NQeuRbnNpj.edu HfqVNSoSWV.edu xTlQOzRfXd.edu yZteTvRBqX.edu nFNfogfQkX.edu XBMzQZQCdJ.edu YBlAUuqjmN.edu pBIsAAEFXB.edu RJcLgcpsHa.edu hcbHitglQs.edu bOgOInVBcF.edu cLGvtSiGHR.edu lecbASBflC.edu onpxUdqUZI.edu KOhhBYaVMB.edu lArttqSZqZ.edu ----Rf;sklh;aeq 403 ERROR The request could not be satisfied. The Amazon CloudFront distribution is configured to block access from your country. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner. If you provide content to customers through Clo

1992 days ago3 upvotes

Strange email from “FidelityLife” that ends in a while dump of random gibberish I’m sorry this is so long but I copied and pasted everything in the email onto here. I got an email from FidelityLife but the address is actually “dYkgasn.157kXxQ1WN4f-noReply@ boyhip. net” and was sent to me at “[myemail]@outlook.com” but I use gmail so I’m not sure how this even got to me. If anybody has some insight as to what happened, why all that gibberish is there, what it might mean, or how it got to me, I’d really appreciate it. Again, sorry for the long post. Thank you. Edited to add: A lot of the random stuff below was in different font sizes, underlines, strikethroughs, links, and languages. Obviously the formatting didn’t stay the same when I copied it. It’s so strange. $1 million in Life Insurance Coverage 91.210.190.69 3778359 mVfquWzirv.edu SUHkoLItUn.edu cAgbDSupyr.edu cOcPBjIMvq.edu hfmnXHTsNN.edu zaLTuRFJOP.edu wNRctsqdJf.edu KJpRcFSKBS.edu KwmroGAnkW.edu lbBOyNQcMr.edu NqgjdnvIOX.edu eUBlpVUEUJ.edu SCxgfoSdRw.edu bfJyltJRld.edu VQcakwaWNb.edu XQKuBDaUYh.edu PFtOfXEUJU.edu YyHgxSSQGu.edu BCVYjbbqpi.edu uMYlOiNRgF.edu FqkZggwZYR.edu dVEprVwEoU.edu muRoCLAmmo.edu nqCKVPwgyD.edu XZBGxzxQzk.edu QujAtAtgsp.edu JVliSiMaNM.edu mPKmeOWZlU.edu pvJvTyPCVj.edu vSibrFSEez.edu qNdfvSrfDi.edu qjEjdayZJz.edu MYRcKhuYGt.edu PjuAhYFdRf.edu OhGTpUMujE.edu wFuMcClbUU.edu NQeuRbnNpj.edu HfqVNSoSWV.edu xTlQOzRfXd.edu yZteTvRBqX.edu nFNfogfQkX.edu XBMzQZQCdJ.edu YBlAUuqjmN.edu pBIsAAEFXB.edu RJcLgcpsHa.edu hcbHitglQs.edu bOgOInVBcF.edu cLGvtSiGHR.edu lecbASBflC.edu onpxUdqUZI.edu KOhhBYaVMB.edu lArttqSZqZ.edu ----Rf;sklh;aeq 403 ERROR The request could not be satisfied. The Amazon CloudFront distribution is configured to block access from your country. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner. If you provide content to customers through Clo

1992 days ago3 upvotes

Share Your Experience

What's Your Exposure?

Know your risk exposure to this message with a Thorough Analysis. It returns a detailed report covering the complaint history, your data breach exposure, related scam entities, and risk signals tied to this email message. Check the box and enter your email address now.

NordProtect Identity theft monitoring and recovery

NordProtect watches for your personal info on the dark web, monitors your credit, and covers up to $1M in identity theft insurance.

Get NordProtectAffiliate link. We may earn a commission.