This cluster centers on 2382 connected domains tagged as PureHVNC, elf, sh. 572 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 969 phone numbers (8772427372, 1319641540, 1319641221) with 557 FTC complaints; 690 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2228 complaints with federal agencies. Geog...
Phone Number
(737) 204-6760
Last reported Feb 24, 2026
Low Activity
- 1 community report from users
Campaign Intelligence
This cluster centers on 2396 connected domains tagged as 156-233-71-230, Quakbot, lnk. 586 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 969 phone numbers (8772427372, 1319641540, 1319641221) with 565 FTC complaints; 690 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2237 complaints with federal agen...
This cluster centers on 1895 connected domains tagged as BeaverTail, RedLineStealer, password: 2026. 113 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 934 phone numbers (8772427372, 1319641540, 1319641221) with 524 FTC complaints; 683 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2093 complaints wit...
This cluster centers on 2416 connected domains tagged as BABADEDA, WallStealer, meterpreter. 607 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 969 phone numbers (5086371451, 9366439335, 1842506726) with 570 FTC complaints; 690 email addresses (kellymoore_64@yahoo.com, schantzsybg7@aol.com, online.motors@consultant.com). Across all linked entities, consumers have filed 2243 complaints with federa...
This cluster centers on 3287 connected domains tagged as HijackLoader, RemcosRAT, screenconnect. 617 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 1649 phone numbers (5408463620, 8552597377, 8007873903) with 7110 FTC complaints; 143 companies (Informative LLC, HomePlus Corporation, Doral Capital Corporation) with 8547081 CFPB complaints; 807 email addresses (kellymoore_64@yahoo.com, schantzsybg7@...
Details
Connected Entities
No known connections to other entities yet.
Community Reports
Creative Scam Warning - "Free receive sms" websites with messages reading "Your login pass for 'crypto-scam-url.com' is uYsugjI for account 'joebob@gmail.com' and you have $95,000" Hi all, just stumbled on this sub reddit, not sure if this has been talked about much, but wanted to show a scam I have seen that I thought was pretty clever. Basically, I needed to receive an SMS and didn't have one, used one of those free websites such as [https://receive-smss.com/](https://receive-smss.com/) \- there are PLENTY of them, and they really do actually work, if all you need is a quick sms code to sign up for a random website, telegram, etc. (The biggest issue is most websites like google/telegram and so on already have flagged ALL the phone numbers they use, so it likely won't work, but years ago it was easier) But if you just need someone to text you once for some reason, they work, however, everyone sees the message. So the scam is relatively creative and simple. You see all the messages people are receiving on these 'burner online sms' numbers. Usually it's just : "Your one time code is 51235" and that's it. Or "Your 2factor for [xyz.com](https://xyz.com) is 512352" - something that by itself won't help anyone hack/scam you. Nothing about your account name is usually in these quick sms messages (you've all gotten these messages before) But one message I saw was like the title suggests, had the website, the login, the password, the dollar amount of crypto held. Out of curiosity, I dug in, with VPNs on and no wallets connected and no real emails used. The scam was probably like most others, a url that's pretty simple like '[trade247legit.com](https://trade247legit.com)' and a VERY SIMPLE interface. If you go to the website, you actually CAN register a new account, you put in an email and password, it sends you a confirmation email, you log in to a fresh account with zero assets, a user profile, the whole works. Then, if you log in with the account/password in
952 days ago3 upvotes
Share Your Experience
What's Your Exposure?
Know your risk exposure to this message with a Thorough Analysis. It returns a detailed report covering the complaint history, your data breach exposure, related scam entities, and risk signals tied to this email message. Check the box and enter your email address now.
NordVPN — Block threats and hide your IP from trackers
NordVPN encrypts your internet traffic and blocks malicious websites, ads, and trackers before they reach your device.
Get NordVPNAffiliate link. We may earn a commission.