Tracking bank/crypto phishing gang(s) using Google Sites, Tawk.to, MS Azure sites, Wordpress, etc

Another set of sites, this time for Capital One:

https://sites.google.com/abcrypt.com/capitalone-login/home links to

https://rebrand.ly/960141 which redirects to

https://captitone.com/logi/

error page https://captitone.com/err/

tawk.to chat widget https://tawk.to/chat/6661e2b09a809f19fb3a3ace/1hvn5r0sa.

Jack is working late on a Friday night, keep him company and have some chats with him!

A new site:

https://sites.google.com/abcrypt.com/capitalone-login/home

Links to:

https://rebrand.ly/4bac42

Which redirects to:

https://capiltone.com/log/

Error page:

https://capiltone.com/err/

Tawk.to chat account:

https://tawk.to/chat/6682e027eaf3bd8d4d16e318/1i1njn7cp

Another new one:

https://sites.google.com/abcrypt.com/cryptocomlogin/home

links to:

https://rebrand.ly/45d087

which redirects to:

crypologs.com

Registrant Name: Nitin Kumar
Registrant Organization: Nitin Kumar
Registrant Street: J-234 Saket
Registrant City: New Delhi
Registrant State/Province: Uttar Pradesh
Registrant Postal Code: 110053
Registrant Country: IN
Registrant Phone: +91.9384758493

error page:

tawk.to web chat:

https://tawk.to/chat/666e09569a809f19fb3e3f10/1i0et8um9

Another one I found today:

https://sites.google.com/metamaslogi.com/metamask-login/home

links to https://rebrand.ly/ebd380

which redirects to

https://metamsik.com/logoc/

Error page:

On the same IP 162.241.85.150 as many other scams recorded in this thread.

Another one: AtomicDEX Wallet - Non-custodial Wallet Official Website

links to Atomic Wallet

which redirects to Atomic Wallet,

with private-key phishing form Atomic Wallet.

New tawk.to chat account for this one: https://tawk.to/chat/65c0c2600ff6374032c9773a/1hlsfeite

A few more I found today:

https://phantomapk.com/enter/

This PayPal phishing site is still active, linked to by Google Sites at PayPal Login : My PayPal Account Login | Official Website, with redirector https://rebrand.ly/7acacb and tawk.to chat account https://tawk.to/chat/66d0db81ea492f34bc0b8744/1i6ftisno.

I got rebrand.ly to block that link (they are quick to address complaints via email at support at rebrandly dot com, especially considering it’s a U.S. holiday weekend) and it seems like the scammers already made another one! https://rebrand.ly/fd503b.

New PayPal phishing site:

PayPal Login : My PayPal Account Login | Official Website links to

https://rebrand.ly/f0jmze3 which redirects to

https://paolos.online/log/, with error page

https://paolos.online/err/ and tawk.to chat account (“Jack” is active now!)

https://tawk.to/chat/66ca29a350c10f7a00a00ebd/1i62r5a2m

Same redirect goes to a new site: https://payplll.info/log/

error page https://payplll.info/err/

Tawk.to account https://tawk.to/chat/66ca29a350c10f7a00a00ebd/1i62r5a2m.

Here’s another PayPal phishing site that popped up today:

PayPal Login : My PayPal Account Login | Official Website now points to

https://rebrand.ly/641fbe, which redirects to

https://paypaloficial.com/log/, which we know is official because it has a misspelled “oficial” in the domain name.

Someone forgot to obfuscate the WHOIS info for this domain:

Domain Name: PAYPALOFICIAL.COM
Registry Domain ID: 2919920815_DOMAIN_COM-VRSN
Registrar WHOIS Server: Whois.bigrock.com
Registrar URL: www.bigrock.com
Updated Date: 2024-09-25T16:32:20Z
Creation Date: 2024-09-25T16:27:50Z
Registrar Registration Expiration Date: 2025-09-25T16:27:50Z
Registrar: BigRock Solutions Ltd.
Registrar IANA ID: 1495
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Registry Registrant ID: Not Available From Registry
Registrant Name: Nitin
Registrant Organization: Nitin
Registrant Street: J-232 DES
Registrant City: Delhi
Registrant State/Province: Delhi
Registrant Postal Code: 110023
Registrant Country: IN
Registrant Phone: +91.2334323454
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: [email protected]

Error page at https://paypaloficial.com/err/,

with tawk.to chat link https://tawk.to/chat/66ca29a350c10f7a00a00ebd/1i62r5a2m.

A new PayPal website with several “error” pages:

https://paypll.info/?s=e

https://paypll.info/errs/ has a U.S. phone number, which I am unable to verify.

https://paypll.info/errr/ links to the tawk.to account https://tawk.to/chat/67092fe82480f5b4f58c07de/1i9tu69dj;

https://paypll.info/err/ links to a different chat account, https://tawk.to/chat/670803dbaf33b684b75058bc/1i9rku4mm, where Jack is actively responding.

Here’s another one: Coinbase Wallet Extension Download - Official Website links to

https://conbsewall.xyz/error/

And another MetaMask:

https://sites.google.com/metamaksio.com/metamask-chrom/home links to

https://wetaowask.xyz/error/

And another new PayPal site:

https://paylogss.com/?s=e

A new tawk.to account for this gang: https://tawk.to/chat/670e8a972480f5b4f58dca7d/1ia8cqouo

Found at Error!.

From the RDAP (WHOIS) info:
Nitin Kumar
New Delhi
Uttar Pradesh
110053
IN

[email protected]
+91.9384758493

Another Capital One phishing page on 162.241.85.93: Error!

With tawk.to account https://tawk.to/chat/66be4bc80cca4f8a7a767c15/1i5blg2r1.

Update: new account https://tawk.to/chat/6709353f2480f5b4f58c0c0f/1i9tvg0sa

Domain registrant: Jack Morris

New Jersey
08854
US

[email protected]

+1.2512924943
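The posts above keep repeating one pattern: a Google Sites lure, a rebrand.ly short link, a typosquat landing page with a /log/- or /err/-style path, and a tawk.to chat widget whose property ID is reused across several domains (66ca29a350c10f7a00a00ebd appears on paolos.online, payplll.info and paypaloficial.com). The script below is an added defender-side example, not code from this thread or from any of the services named in it. It pivots over only the indicators that are visible in the posts (chains whose landing URL was stripped by the forum are left out), clusters landing domains by shared tawk.to property, and runs a small matcher over proxy-log lines. The log format (timestamp, host, path) and the domain example.net are constructed for the example.

```python
"""Pivot over the phishing-kit indicators listed in this thread.

Every indicator value in CHAINS is copied from the posts above; nothing is
looked up live. The proxy-log lines and example.net are constructed inputs.
"""
import re
from collections import defaultdict
from urllib.parse import urlparse

# (brand, landing URL, tawk.to chat URL or None) as given in the thread.
# crypologs.com was reported without a path, so the bare domain is used.
CHAINS = [
    ("Capital One", "https://captitone.com/logi/", "https://tawk.to/chat/6661e2b09a809f19fb3a3ace/1hvn5r0sa"),
    ("Capital One", "https://capiltone.com/log/", "https://tawk.to/chat/6682e027eaf3bd8d4d16e318/1i1njn7cp"),
    ("Crypto.com", "https://crypologs.com/", "https://tawk.to/chat/666e09569a809f19fb3e3f10/1i0et8um9"),
    ("MetaMask", "https://metamsik.com/logoc/", None),
    ("PayPal", "https://paolos.online/log/", "https://tawk.to/chat/66ca29a350c10f7a00a00ebd/1i62r5a2m"),
    ("PayPal", "https://payplll.info/log/", "https://tawk.to/chat/66ca29a350c10f7a00a00ebd/1i62r5a2m"),
    ("PayPal", "https://paypaloficial.com/log/", "https://tawk.to/chat/66ca29a350c10f7a00a00ebd/1i62r5a2m"),
    ("PayPal", "https://paypll.info/errr/", "https://tawk.to/chat/67092fe82480f5b4f58c07de/1i9tu69dj"),
    ("PayPal", "https://paypll.info/err/", "https://tawk.to/chat/670803dbaf33b684b75058bc/1i9rku4mm"),
    ("Coinbase", "https://conbsewall.xyz/error/", None),
    ("MetaMask", "https://wetaowask.xyz/error/", None),
    ("Phantom", "https://phantomapk.com/enter/", None),
]

# tawk.to chat links in the thread have the shape /chat/<24 hex property id>/<widget id>.
TAWK_RE = re.compile(r"^https://tawk\.to/chat/(?P<property>[0-9a-f]{24})/(?P<widget>[0-9a-z]+)$")
# Landing/error paths seen on these kits: /log/, /logi/, /logoc/, /err/, /errs/, /errr/, /error/, /enter/.
KIT_PATH_RE = re.compile(r"^/(?:log[a-z]{0,2}|err[a-z]{0,2}|enter)/$")


def tawk_property(url):
    """Return (property_id, widget_id) for a tawk.to chat URL, or None if it is not one."""
    if url is None:
        return None
    m = TAWK_RE.match(url)
    return (m["property"], m["widget"]) if m else None


def is_kit_path(url):
    """True when the URL path looks like the /log/ or /err/ pages used by this kit."""
    return bool(KIT_PATH_RE.match(urlparse(url).path))


def cluster_by_tawk(chains):
    """Group landing domains by tawk.to property id; one property on many domains is one operator."""
    clusters = defaultdict(set)
    for _brand, landing, tawk in chains:
        ids = tawk_property(tawk)
        if ids:
            clusters[ids[0]].add(urlparse(landing).hostname)
    return {prop: sorted(domains) for prop, domains in clusters.items()}


def indicator_set(chains):
    """Known landing domains and known tawk.to property ids, for log matching."""
    domains = {urlparse(landing).hostname for _, landing, _ in chains}
    props = {tawk_property(t)[0] for _, _, t in chains if tawk_property(t)}
    return domains, props


def scan_proxy_log(lines, chains):
    """Flag log lines ("<timestamp> <host> <path>", a constructed format) that hit a known
    domain, a known tawk.to property, or an unknown domain serving a kit-style path."""
    domains, props = indicator_set(chains)
    hits = []
    for line in lines:
        ts, host, path = line.split()
        url = f"https://{host}{path}"
        tp = tawk_property(url)
        if host in domains:
            hits.append((ts, host, "known phishing domain"))
        elif host == "tawk.to" and tp and tp[0] in props:
            hits.append((ts, host, f"known tawk.to property {tp[0]}"))
        elif is_kit_path(url):
            hits.append((ts, host, "kit-style path, review"))
    return hits


# Constructed sample log: one legitimate request, one known domain, one known chat
# widget, one unknown domain with a kit-style path, and one benign path.
SAMPLE_LOG = [
    "2024-10-15T10:00:01Z paypal.com /signin",
    "2024-10-15T10:00:05Z payplll.info /log/",
    "2024-10-15T10:00:07Z tawk.to /chat/66ca29a350c10f7a00a00ebd/1i62r5a2m",
    "2024-10-15T10:01:00Z example.net /err/",
    "2024-10-15T10:02:00Z example.net /blog/",
]

if __name__ == "__main__":
    for prop, domains in cluster_by_tawk(CHAINS).items():
        print(prop, "->", ", ".join(domains))
    for hit in scan_proxy_log(SAMPLE_LOG, CHAINS):
        print(*hit)
```

The third branch of scan_proxy_log is deliberately the weakest signal: a bare /err/ or /log/ path on an unknown host is only a prompt to look, whereas a known domain or a reused tawk.to property ID is a direct link back to the infrastructure catalogued above.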