Tracking bank/crypto phishing gang(s) using Google Sites,, MS Azure sites, Wordpress, etc


links to

Sign In fake login

Error! fake error

Again, a web chat widget.

Another call today from “Stefan” from PayPal. His favorite color is magenta.

Callback “Jake from Bittrex” 754-227-8736.

When I asked for his favorite color, he asked me to wait one moment, and hung up! How rude.

1 Like

Found another one!

Google Sites page: login issues | Official Website

Azure hosting/phishing page

1 Like

Another callback number from this group: Earlier today I was pinging the web chat widgets on a bunch of their phishing sites (many are still active), and just got a call from “Josh from Swissborg.” His TextNow number is 972-833-1205. He won’t tell me his favorite color.

He texted me: "This side Josh from SwissBorg. We have found suspicious activity in your wallet. Kindly call us back.

Team SwissBorg"

1 Like

Another callback number: “Josh from Bitstamp” – 423-218-9543

More website(s) active with chat widgets, reported them to with their form.

links to

with the fake error page client id: 659c3f7b8d261e1b5f50daed .

Edit: another new one:

1 Like

LOL Paul (Senior!) is working late … perfect time for a late night chat, join in at

1 Like

Another one of Scammer Paul’s live chat URLs:

He’s working late, check in and ask about your bitcoins.

New subdomain:

1 Like

New subdomain:

New web chat account: Jack is available now to consult about your failed login!


Update: “Mark” from Capital One can be reached at 707-327-2882.

Another list of phishing domains on the same IP address:

1 Like

Paul wants to chat with you about your account – any account! (New id)

1 Like

He has no info about me but still will stop any new purchases


my card lost

Agent profile image

Do not worry. We are forwarding your request to concerned dept.

They will get back to you over phone call in the morning after 6-8 hrs

May be after 9 in morning .is that okay ?

yes. can you block now any new purchases?

Agent profile image will be done.

Anything else may I help you ?

many thanks

Agent profile image

Please also check your email after some time regarding this .

Good night.

Another chat link from Error! (fake PayPal)

And another one from Error! (fake Crypto dot com)

1 Like

Log In is still live, after pinging the site and providing a phone number I got a call from “Chris from Capital One” at 330-294-6857. He wouldn’t tell me his favorite color.

1 Like

Another one:

Ledger Live Not Working : Most Secure Crypto Wallet App and
Ledger Wallet Extension : Most Secure Crypto Wallet extension

link to

which redirects to

fake error page: chat:

Update: Another feeder website:

A Twitter spambot account promoting these scams – note that this amazingly prolific gang does German-language scams, too:

Update 2: and French! Ledger Live Wallet– Exploration de l'application logicielle et du périphérique de portefeuille , associated Twitter bot

1 Like

Another possible lead to follow up on with this group:

A tweet by the spambot that promotes the Crypto phishing scams

Links to a Google sites page for Indian cricket betting (probably impersonating something else, I don’t know.)

This site leads victims to chat via Whatsapp with

+91 92563 99231 (Indian prefix)

1 Like