Tracking bank/crypto phishing gang(s) using Google Sites, Tawk.to, MS Azure sites, Wordpress, etc

ElmerFudde2020 · 17 January 2024 02:30

Another:

https://sites.google.com/codeacti.com/amazoncomcode/

links to

https://am.bloklognn.gb.net/log/ fake login

https://am.bloklognn.gb.net/err/ fake error

Again, a tawk.to web chat widget.

ElmerFudde2020 · 17 January 2024 16:31

Another call today from “Stefan” from PayPal. His favorite color is magenta.

ElmerFudde2020 · 18 January 2024 02:01

Callback “Jake from Bittrex” 754-227-8736.

When I asked for his favorite color, he asked me to wait one moment, and hung up! How rude.

ElmerFudde2020 · 19 January 2024 22:45

Found another one!

Google Sites page: https://sites.google.com/coinlogs.us/cryptocomloginissues/home

Azure hosting/phishing page https://cryptoedv.azurewebsites.net/

ElmerFudde2020 · 27 January 2024 22:05

Another callback number from this group: Earlier today I was pinging the web chat widgets on a bunch of their phishing sites (many are still active), and just got a call from “Josh from Swissborg.” His TextNow number is 972-833-1205. He won’t tell me his favorite color.

He texted me: "This side Josh from SwissBorg. We have found suspicious activity in your wallet. Kindly call us back.

Team SwissBorg"

ElmerFudde2020 · 27 January 2024 22:40

Another callback number: “Josh from Bitstamp” – 423-218-9543

ElmerFudde2020 · 29 January 2024 01:55

More website(s) active with tawk.to chat widgets, reported them to tawk.to with their form.

https://sites.google.com/coinlogs.us/cryptocomloginissues/home

links to

https://cryptomnes.azurewebsites.net/

with the fake error page

https://cryptomnes.azurewebsites.net/error.html

Tawk.to client id: 659c3f7b8d261e1b5f50daed .

Edit: another new one:

https://metamavesk.azurewebsites.net/

ElmerFudde2020 · 29 January 2024 02:30

LOL Paul (Senior!) is working late … perfect time for a late night chat, join in at

https://tawk.to/chat/653f9c79f2439e1631e9e1ab/1he07mfc1?pop=1

ElmerFudde2020 · 31 January 2024 02:30

Another one of Scammer Paul’s live chat URLs:

https://tawk.to/chat/653f9a86a84dd54dc486adfe/1he077833?pop=1

He’s working late, check in and ask about your bitcoins.

ElmerFudde2020 · 2 February 2024 02:32

New subdomain: https://cryptro.azurewebsites.net/

ElmerFudde2020 · 4 February 2024 20:02

New subdomain: https://metamaskds.azurewebsites.net/

ElmerFudde2020 · 4 February 2024 23:15

New Tawk.to web chat account: Jack is available now to consult about your failed login!

https://tawk.to/chat/65b7804f8d261e1b5f591333/1hlacqeoe?pop=1

from

https://capitttll.online/err/

Update: “Mark” from Capital One can be reached at 707-327-2882.

ElmerFudde2020 · 4 February 2024 23:49

Another list of phishing domains on the same IP address:

ElmerFudde2020 · 8 February 2024 03:10

Paul wants to chat with you about your account – any account! (New Tawk.to id)

https://tawk.to/chat/65c0c3248d261e1b5f5c7aa1/1hlsfkici?pop=1

drwat · 8 February 2024 05:21

https://tawk.to/chat/65b7804f8d261e1b5f591333/1hlacqeoe

drwat · 8 February 2024 05:31

He has no info about me but still will stop any new purchases
Jack

21:24

my card lost

Do not worry. We are forwarding your request to concerned dept.

They will get back to you over phone call in the morning after 6-8 hrs

May be after 9 in morning .is that okay ?

yes. can you block now any new purchases?

Okay.it will be done.

Anything else may I help you ?

many thanks

Please also check your email after some time regarding this .

Good night.

ElmerFudde2020 · 11 February 2024 01:53

Another Tawk.to chat link from https://piopp.ink/ers/ (fake PayPal)

https://tawk.to/chat/65c49e8f0ff6374032caadfa/1hm40motc

And another one from https://cprosis.shop/err/ (fake Crypto dot com)

https://tawk.to/chat/65c0ba9c0ff6374032c973d3/1hlsdhtqg

ElmerFudde2020 · 13 February 2024 16:19

https://capitttll.online/logg/ is still live, after pinging the site and providing a phone number I got a call from “Chris from Capital One” at 330-294-6857. He wouldn’t tell me his favorite color.