This cluster centers on 2382 connected domains tagged as PureHVNC, elf, sh. 572 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 969 phone numbers (8772427372, 1319641540, 1319641221) with 557 FTC complaints; 690 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2228 complaints with federal agencies. Geog...
Phone Number
(617) 489-8326
Last reported Feb 24, 2026
Low Activity
- 1 community report from users
Campaign Intelligence
This cluster centers on 2396 connected domains tagged as 156-233-71-230, Quakbot, lnk. 586 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 969 phone numbers (8772427372, 1319641540, 1319641221) with 565 FTC complaints; 690 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2237 complaints with federal agen...
This cluster centers on 1895 connected domains tagged as BeaverTail, RedLineStealer, password: 2026. 113 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 934 phone numbers (8772427372, 1319641540, 1319641221) with 524 FTC complaints; 683 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2093 complaints wit...
This cluster centers on 2416 connected domains tagged as BABADEDA, WallStealer, meterpreter. 607 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 969 phone numbers (5086371451, 9366439335, 1842506726) with 570 FTC complaints; 690 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2243 complaints with federa...
This cluster centers on 3287 connected domains tagged as HijackLoader, RemcosRAT, screenconnect. 617 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 1649 phone numbers (5408463620, 8552597377, 8007873903) with 7110 FTC complaints; 143 companies (Informative LLC, HomePlus Corporation, Doral Capital Corporation) with 8547081 CFPB complaints; 807 email addresses (kellymoore_64@yahoo.com, schantzsybg7@...
Details
Connected Entities
No known connections to other entities yet.
Community Reports
emgw.xyz crypto scam that stole more than 200k $ This is a cryptocurrency scam website that has stolen over $200,000 USD from its users. The site gives lots of red flags on the main page. They claim to be "partners" of CoinGecko and Coinbase, which is, of course, a lie. The scam site claims to be a liquefied miner and promises to give 2% of the total investment per day (with this amount of earnings per day, it's a huge red flag), When I was using the scam website, the site paid me all the times (4 withdrawals of $30, total $120), and the fact that they were paying me gave me a lot of confidence about the site (even with all the red flags on the site). They do that to bring trust to the user. But unfortunately, it did not go well for me, and they robbed me of $472. The scam of the site is quite simple. To start "mining," you will need an initial investment (that you will earn 2% of every day from the "mining") and you need to pay a "miner fee," which is actually a transaction that gives access to a wallet to make transactions on the user's USDTs (A.K.A. [Token Approval](https://support.metamask.io/hc/en-us/articles/6174898326683-What-is-a-token-approval-)) In my case, here's the "miner fee" that I paid to start mine: [https://etherscan.io/tx/0x968b95c6511b9a3119cdf1c912d64a33b71c9637255ba38bf8dc509725b9bde3](https://etherscan.io/tx/0x968b95c6511b9a3119cdf1c912d64a33b71c9637255ba38bf8dc509725b9bde3) After some time of mining on the site, I noticed that they had made a transaction from my wallet to another wallet for **472$**. (transaction: [https://etherscan.io/tx/0xbd8743fe5702556c38a80b64ab3c2747625b26af994e222ee5dbc2051278fb7f](https://etherscan.io/tx/0xbd8743fe5702556c38a80b64ab3c2747625b26af994e222ee5dbc2051278fb7f)) After I was robbed of the $472, I went to contact the site support, and these were the conversations: >**Me** *\[06/04/2023 12:00\]*: Hello, I was in my wallet, when I noticed that the USDTs in my wallet disappeared, what happened? > >**Me*
1081 days ago3 upvotes
Share Your Experience
What's Your Exposure?
Know your risk exposure to this message with a Thorough Analysis. It returns a detailed report covering the complaint history, your data breach exposure, related scam entities, and risk signals tied to this email message. Check the box and enter your email address now.
Proton VPN — Block malicious sites and encrypt your connection
Proton VPN routes your traffic through encrypted servers and blocks known malware domains. Free plan available.
Get Proton VPNAffiliate link. We may earn a commission.