2024-05-17 - Generic Email - Phishing Capmapign Observation Alert

82 Phishing Websites for Generic Email Detected in the Past 24 hours

This report has been created to alert potential mass phishing campaign which was recently conducted.
We have observed82 possible phishing websites for the Generic Email in the past 24 hours. This suggests that mass phishing campaign has potentialy been conducted recently. Analysts are need to keep eyes on phishing websites as listed below or similar.

Observed Phishing Website Example

Recent IOCs

hxxps://amenable-tidy-rattlesnake[.]glitch[.]me/
hxxps://pub-a443f8ac83094ae6ba8f33bb5ccf3bae[.]r2[.]dev/gavnkoreupdate[.]html
hxxps://bafybeifb2ze65uy3djkehxwheloygqxgqwkhffmwzwyw6wipw4wknorki4[.]ipfs[.]nftstorage[.]link/d9VTBJrJLR[.]html
hxxps://bafkreiexukkzcxiyhv6l6ccg74thhn56rniinqfune24xsh2ko3fvgj7nu[.]ipfs[.]dweb[.]link/
hxxps://pub-f46d274f964d4b718a271b3214ab8d24[.]r2[.]dev/delivery-auth-mails[.]html
hxxps://bafybeidu3zodfmbxgnms6lqayy74lwud7ivyaq3cmdliscld23folh4rxm[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeibacosel5kclhpumjdss5tbu7mpjyfxuu4z3ke4vxeiptse3ybuya[.]ipfs[.]cf-ipfs[.]com/secureaccess[.]html
hxxp://srv213140[.]hoster-test[.]ru/nn/P22[.]html
hxxps://bafybeihrlrzk4cfvmxastron33eqrdyrrpk53n6upahiwoarwhujlddehu[.]ipfs[.]cf-ipfs[.]com/8fdusf65jdf4797sdz[.]html
hxxps://bafybeifruahacqvacfo6jqmxzvbsug5kwhbaz5ekopyl4sztriz452nfpq[.]ipfs[.]cf-ipfs[.]com/
hxxps://pub-64c69be1fe124700af5e247ef3a0ffd0[.]r2[.]dev/index[.]html
hxxps://bafybeie5qwx2uvwzz4zq5oljdex25bculix2drspl5hzlq3yjkaw4qprly[.]ipfs[.]cf-ipfs[.]com/rfvscvr4f3fevsf[.]html
hxxp://srv213146[.]hoster-test[.]ru/ww/P22[.]html
hxxps://bafybeic2mizldwr4xcvnu4bxpilpn6tcetdplqvz43s6knqzlimkn56k2m[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeibwmsptlgsc5jlyuivzl5w577z6nclxn4yero6rgzmz3s45qhfxbi[.]ipfs[.]dweb[.]link/
hxxps://bafybeia24jkq4qcsyoopcne25gjqd2tu5dxb2azk7qmutlmx52uuuhoqni[.]ipfs[.]cf-ipfs[.]com/epgene[.]html
hxxps://bafybeih5nezt74e6pz4d3bke3lyxa3ayec7gacvvtmj5cu77alvok4arme[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeihhottmfxbhc72os3rcmzd7qywxzcng4ih7e46o6zum5tc37ctab4[.]ipfs[.]nftstorage[.]link/KFr08L4Cst[.]html
hxxps://bafybeidkvsjr7gs74qjmkf5gwgvqookyku7vjvg3q747jlldgo6ns6zwtq[.]ipfs[.]cf-ipfs[.]com/
hxxps://pub-acb340d3b90c4abcbbb082cd3032f41d[.]r2[.]dev/gencrt01[.]html
hxxps://bafybeigfddcj5q4eexsp7ylqbd2sd6lkxexiwwhjwtxiiu3gq4shuv446e[.]ipfs[.]cf-ipfs[.]com/hrf74784763hbefnr764[.]html
hxxps://bafybeidbsm5grmx2l6hdew4cl4i6ghsht4iibloiklpelfil2y4ttyliiq[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeighbvdx5oz4sbm533j7hoqa4jnjivw6zez36ycrvxouaxdhbsnekq[.]ipfs[.]cf-ipfs[.]com/
hxxps://aksharpackaging[.]in/out/allin1[.]html
hxxps://securedserver[.]co/
hxxps://pub-722720be67154192a1102b2cf085d306[.]r2[.]dev/indexwen[.]html
hxxps://weak-dynamic-puck[.]glitch[.]me/
hxxps://bafybeibtxo6bisbnz3fnp3tc5vzehc5xemhxu5kkwsas6nyrssywkzfxia[.]ipfs[.]dweb[.]link/
hxxps://bafybeiekfp6bhlh53e24mvfam7uuyvjkpjq454oftuymgovoapo3rjz74y[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeic5sqmfct5uiynuhla7tpai4symjdtcn6j75mtpculrjkenqffoce[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeifrm6mybal4invtd53ovkirtqh3575rhb7rvefx7ntynuhgarqezu[.]ipfs[.]cf-ipfs[.]com/
hxxps://pub-77759773398343b8976ca594df7daafb[.]r2[.]dev/pppdocu[.]html
hxxps://bafybeigp27tmx544w5zciavdpg5qunb34ihxlht3fsd26azwvq63zlrzle[.]ipfs[.]cf-ipfs[.]com/
hxxps://pub-f5383f72959246cb81b6e6b867e22b74[.]r2[.]dev/gens[.]html
hxxps://bafybeiflj5denlouw5sg7ahz4d27vbsvxfjjjb7ymz7c47jmmcmisxj3cq[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeieirs6fhtw74aoemsvxkdo2ojvkhtp56xaqqcagxib7tyamehitve[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafkreihh76kjlf6uecgh7bhs6myy2xg67vltszsqzokhp2ccbtwmnwwnoy[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeiagfmn2gse25qspsw5cvqv33dkl5hbykuebciix6rntqbq7anunpm[.]ipfs[.]dweb[.]link/
hxxps://bafybeibkupaxcxzylrl3koictbz263jlh7bzwifvf5nzdpydtsm5w426n4[.]ipfs[.]cf-ipfs[.]com/
hxxps://pub-5053e89a5ae443bba549dff6ee231812[.]r2[.]dev/index[.]html
hxxps://bafybeifbwhv445wzgpfpm7s7uzc5oui6fx3ewb544aaaxnm777sjxxcd7m[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeibwmsptlgsc5jlyuivzl5w577z6nclxn4yero6rgzmz3s45qhfxbi[.]ipfs[.]cf-ipfs[.]com/
hxxps://pub-0a8187316fe545349579084f1a9e2a98[.]r2[.]dev/paragen1[.]html
hxxps://webmailkg[.]d28kghs54ci37[.]amplifyapp[.]com/
hxxps://pub-f80097a3858349d38a093198b3255dc2[.]r2[.]dev/auto[.]html
hxxps://bafybeiegyoqh6kopwn7pr72byjqr5kempaeemzy3brgs7up42nariuow6i[.]ipfs[.]dweb[.]link/webmail[.]html
hxxps://tod---pththhep-pe--mtood-opentoo---apnjnnze--da-e-s0[.]pages[.]dev/
hxxps://pub-2572e4e94f21448ebf73533b9f839219[.]r2[.]dev/iiinnks[.]html
hxxps://lli1ij[.]firebaseapp[.]com/
hxxps://bafybeidsrqo5vliqedgh4ow3ubvbqtxvi7olwtl24nr5hzy3dqrdbyuqv4[.]ipfs[.]dweb[.]link/
hxxps://bafybeigrln373idg5k3qbagfdcvg7epwqxi32hm3pesgzidfnwtfkg6h6m[.]ipfs[.]cf-ipfs[.]com/updatdse[.]html
hxxps://bafybeieghukr2v4gwpngbpnlqmps7uci4f2br53qtf6ak54d2klwnlwfl4[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeiguifaoivccpou34xrz2bxik7qftkguedtrdi74k3kpprscbg5a7i[.]ipfs[.]cf-ipfs[.]com/
hxxps://pub-aa72f4aa667146739f32618d8c10119d[.]r2[.]dev/ywlp[.]html
hxxps://bafybeiazr27ehn5e5gfesxv3iqwsh3pzgyu7o6tet6tdyjulu3gxx7wicu[.]ipfs[.]dweb[.]link/4292453[.]html
hxxps://pub-81c3789dd05c4f20b7146d1ecf4ab91b[.]r2[.]dev/Autosourceeducation[.]html
hxxps://pub-002a5ca3ff47478994def295a4337c47[.]r2[.]dev/webmail[.]html
hxxps://pub-eb6a6766d3394dad914b4ecbbe01a39e[.]r2[.]dev/jgfe8628372dbd2dw[.]html
hxxps://bafkreiexukkzcxiyhv6l6ccg74thhn56rniinqfune24xsh2ko3fvgj7nu[.]ipfs[.]cf-ipfs[.]com/
hxxps://pub-07116cf802b841148cc4dac8eb3af312[.]r2[.]dev/index[.]html
hxxps://gentle-desert-09c6d671e[.]5[.]azurestaticapps[.]net/
hxxps://bafybeibsuixcwdbkyxd7k2tmljs3ju54o57pdia3qbyeqhewst4fakpc2u[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeid6m3smokkj2iw25m3dj5bkvgcoaknxsgzgt6ncna2a6sgpjrafqi[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeihsec7d2nswjsf34cnrqtcuwl53wcr47fwx5isdy3ap6k367dhiuu[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeiaa6f7lknv2mvldhmh6lzrwmirk4dgqowvyz55r2qiyj4rtebudja[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeiefgs2sfr57n4yzagae5wpifstgbnmu76gzocjrsqwwkpmlooeyvi[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeidvbpapcfdp6lgwj6h3prl4umx5blgi55es4tusxc2aybnqvpgqeq[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeidm57x2nzjkamcvlcydl3czskwahbenkjqygaxmxfwuyqld7rekp4[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeieg4qkntiy7lbedbiizruj576fneeujqntsknppdaiupzgxu7nuj4[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafkreicl5qhcdom6wpnyftvx363vyi2m62l2pjaalfjt23mw6riqdpkmoi[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeice32erudy53wyhbuznnwl7zwgoguscgff4qsu5nirzcpuc2direu[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeidg5w2cxdm5dp7wyonxmssep7ietimxyfmm6egfgqbgtmkm3lejfq[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeihmowhvs7sb4xyxkac6pyz5f7qmsff2lvswgpp7gxugr2mqvsz4bq[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeigxp22n7nos7tpj3emfsxu6s75c6sdlq3j6fkp5tc7abm4acnqqky[.]ipfs[.]cf-ipfs[.]com/
hxxps://sinclairgibson[.]site/productivitysecstreams/
hxxps://pub-536613e4899743b2baa8e05db6af3932[.]r2[.]dev/servcomp[.]html
hxxps://pub-b189a2b096924d8ba52aa8fe8b1b69f3[.]r2[.]dev/index[.]html
hxxps://bafybeidtq2wsdincqxdhxd6tcvebvk5666nawi3ter7wbow5jrg5xfs7va[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeiaazqds7ilfgeula3lngcfhgi22fhom5n7oofzqvmvoc3javzqgna[.]ipfs[.]dweb[.]link/
hxxps://bafybeihm24qbsk3sifu4jxpdeto57j4pmkpzopfa4a7rwr3j5bpbea2x7u[.]ipfs[.]dweb[.]link/
hxxps://pub-3d320c5f8b9847de9a1f7ede095a8504[.]r2[.]dev/pub-secure-ipfs-server[.]r2[.]devautipfspreadstalogginsecureip[.]htm
hxxps://bafybeig45tfrukecndtpr5mfmhtfnityih2l7yqv2rqekl4fnllwl4wihq[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeiaxryggk7hglvxdgug52we7zsi2h3vr3xbsbftz5yhhfbh2gedfmy[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeigp4apcs3npedbblybczb7yk72rsfib62q3v6242natltwkieqpea[.]ipfs[.]cf-ipfs[.]com/
hxxps://xn--w1ai[.]web[.]app/host:-webmail[.]rz[.]uni-frankfurt[.]de:8093?zrkkntxeewqm27gqw3j6hfnczrufyu589sabpmsactygvdhj4b
hxxps://bafybeignjq3wgn522anltproe3qdxmbxzbalkoqr6rppf5kxjmae3x6pcq[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeifbvlfd5ipypkky3urplg7fsnvzrdpurg2l72j7ugl23ejxp33zxy[.]ipfs[.]cf-ipfs[.]com/
hxxps://pub-d514bc80601a4a7fb27217e3425b0a8b[.]r2[.]dev/Web3Portal[.][.]html
hxxps://pub-384819f358494f06b5be0b5af5226eb1[.]r2[.]dev/willgame[.]html
hxxps://pub-36ad049151b04226a162484932b2fd71[.]r2[.]dev/31mar-y[.]html
hxxps://bafybeibrymu5oesjhr3kz3bcqxiqvyr237ntekniwzk2t6pk7mxlwioxeq[.]ipfs[.]cf-ipfs[.]com/verified[.]html
hxxps://bafybeielwmwtla4i6z47gkz2dlm6tfvyxxrqu2cpfwplbllx4owczsr244[.]ipfs[.]cf-ipfs[.]com/lastaspx[.]html
hxxps://bafybeiemdg3vsowey7d5irnzktkbz2dsy4ojdvvmytlhkkkpmnsz62c4su[.]ipfs[.]dweb[.]link/
hxxps://bafybeidj3smq2gbtq5dtpvjheq7oosxd7akjyg7lyhdqzfs4r7y3vridne[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeifpgdpame7wvs5aterirbx6tjcnztxu63vp2gibrp3ubxtk22fuky[.]ipfs[.]cf-ipfs[.]com/886256281mn9090767mabo[.]html
hxxps://bafybeiep2pgtdmirohh5sltnn5fehtkqclq4tfquaypb63mkj2dwqjurem[.]ipfs[.]cf-ipfs[.]com/
hxxps://pub-8379430e45d8459aa302b6cbf31a08a7[.]r2[.]dev/e02a9b4adb[.]html
hxxps://bafybeid2edyltg3b6pj5w25i37jzwmoe5a7wtn2sugkj2jcslzgvzls52m[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeihor5bdnkouc2gtnibceihhbxezpo4l3nn5n6i5fywb53eftzifzi[.]ipfs[.]cf-ipfs[.]com/
hxxps://pub-529bb51871cd47bd8d295976fc626639[.]r2[.]dev/gennewbuck22[.]html
hxxps://bafkreic3swqafzamx3z4w2dbrglakpqib66nmvxrkxeapjyf3lxy4frxte[.]ipfs[.]dweb[.]link/
hxxps://bafybeih7bjlxrzx5aefijkkcwxsdsaggseqgkngjn2ylsbxltkmwxds3le[.]ipfs[.]dweb[.]link/
hxxps://bafybeidsrqo5vliqedgh4ow3ubvbqtxvi7olwtl24nr5hzy3dqrdbyuqv4[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeibtxo6bisbnz3fnp3tc5vzehc5xemhxu5kkwsas6nyrssywkzfxia[.]ipfs[.]cf-ipfs[.]com/
hxxps://recnnt--ldpantnepo----pappqpqp-qpemteppnng---ngnhapntn[.]pages[.]dev/
hxxps://bafkreielxcx7elqgqa2ivv77zr3jht5uymzcdrzcv7w4mv7tlra4yad7vm[.]ipfs[.]dweb[.]link/
hxxps://bafybeicnpl7kt3ebwkb77ll2v6u5lzgnkijcc44uvwlahtcc2p35f23pym[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafkreigxrq4mhsz6g27qqmgm5x4tbk2lnghe27inbavaisizvnsz32szwa[.]ipfs[.]cf-ipfs[.]com/
hxxps://ipfs[.]io/ipfs/bafybeib3h4lklzyccmavfwdadkt3umhnlnhfjkpncwu6wywc6fo5bcdq2u
hxxps://bafybeih3lbqdqzissaehdc4wj7xjdefiehe3vvpx55rmrnsynrvjky2amq[.]ipfs[.]cf-ipfs[.]com/
hxxps://bafybeifruahacqvacfo6jqmxzvbsug5kwhbaz5ekopyl4sztriz452nfpq[.]ipfs[.]dweb[.]link/
hxxps://pub-c70457c4fe374ce7bdd43bbd82a3435d[.]r2[.]dev/webdev[.]html

Phishing URL IOCs

You can see our feed of observed IOCs for the brand on following threat intelligence platforms.
https://www.virustotal.com/gui/collection/user/noladefense/collections
https://otx.alienvault.com/user/noladefense/pulses

What is Phishing?

Phishing is a type of scam where criminals create fake websites, emails or messages that appear to be from a legitimate source, such as a bank or e-commerce site, to trick people into giving away their personal information, such as passwords or credit card numbers. They use this information to steal money, commit identity theft or carry out other fraudulent activities.

How to Handle It

If you have already accessed such phishing websites, take the following steps:

If you entered any personal information, change all passwords and alert your bank and credit card companies.
Enable multi factor authentication to prevent access from attacker.
If you entered any financial information, check your bank and credit card statements to ensure no fraudulent activity has occurred.
Install anti-virus software and keep it up-to-date to prevent future phishing attempts.
Be sure to also spread the word to your friends and family about this phishing site, and always be cautious when providing personal or financial information online.

Why Phishing is Dangerous

Phishing is dangerous because it can result in identity theft, financial loss, and other negative consequences. Criminals can use your personal information to open new bank accounts, apply for loans or credit cards, and even file tax returns in your name. Phishing attacks are becoming increasingly sophisticated and difficult to detect, so it is important to be cautious and vigilant when providing personal information online.

Conclusion

Phishing attacks are a serious threat that can result in significant financial and personal losses. If you have encountered a similar website, be sure to take immediate action to protect your personal and financial information. By reporting the site and spreading the word about the dangers of phishing, you can help prevent others from falling victim to these scams.

NOLA Defense

Search This Blog