#phishinginfrastructure — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #phishinginfrastructure, aggregated by home.social.
-
Operational Brief:
Threat cluster: Diesel Vortex
Attribution indicators: Russian domain infrastructure, Armenian-language operator commsDiscovery: Exposed .git repository
Primary impact:
• 1,600+ compromised credentials
• Freight diversion & double-brokering
• Structured phishing-as-a-service (“MC Profit Always”)
Investigated by Have I Been Squatted, Ctrl-Alt-Int3l.
Infrastructure disruption supported by Google Threat Intelligence Group, Cloudflare, GitLab, Ping Identity.Detection priorities:
– Credential stuffing monitoring
– Load board anomaly detection
– Broker identity validation
– Git exposure scanningSource: https://therecord.media/phishing-operation-russia-armenia-targeting-us-european-cargo
Follow for tactical threat briefings.
Share detection insights below.#Infosec #ThreatIntel #PhishingInfrastructure #CargoFraud #SupplyChainSecurity #CredentialAbuse #FraudOps #CyberCrime #BlueTeam #SOC #DigitalForensics
-
Operational Brief:
Threat cluster: Diesel Vortex
Attribution indicators: Russian domain infrastructure, Armenian-language operator commsDiscovery: Exposed .git repository
Primary impact:
• 1,600+ compromised credentials
• Freight diversion & double-brokering
• Structured phishing-as-a-service (“MC Profit Always”)
Investigated by Have I Been Squatted, Ctrl-Alt-Int3l.
Infrastructure disruption supported by Google Threat Intelligence Group, Cloudflare, GitLab, Ping Identity.Detection priorities:
– Credential stuffing monitoring
– Load board anomaly detection
– Broker identity validation
– Git exposure scanningSource: https://therecord.media/phishing-operation-russia-armenia-targeting-us-european-cargo
Follow for tactical threat briefings.
Share detection insights below.#Infosec #ThreatIntel #PhishingInfrastructure #CargoFraud #SupplyChainSecurity #CredentialAbuse #FraudOps #CyberCrime #BlueTeam #SOC #DigitalForensics
-
Operational Brief:
Threat cluster: Diesel Vortex
Attribution indicators: Russian domain infrastructure, Armenian-language operator commsDiscovery: Exposed .git repository
Primary impact:
• 1,600+ compromised credentials
• Freight diversion & double-brokering
• Structured phishing-as-a-service (“MC Profit Always”)
Investigated by Have I Been Squatted, Ctrl-Alt-Int3l.
Infrastructure disruption supported by Google Threat Intelligence Group, Cloudflare, GitLab, Ping Identity.Detection priorities:
– Credential stuffing monitoring
– Load board anomaly detection
– Broker identity validation
– Git exposure scanningSource: https://therecord.media/phishing-operation-russia-armenia-targeting-us-european-cargo
Follow for tactical threat briefings.
Share detection insights below.#Infosec #ThreatIntel #PhishingInfrastructure #CargoFraud #SupplyChainSecurity #CredentialAbuse #FraudOps #CyberCrime #BlueTeam #SOC #DigitalForensics
-
Operational Brief:
Threat cluster: Diesel Vortex
Attribution indicators: Russian domain infrastructure, Armenian-language operator commsDiscovery: Exposed .git repository
Primary impact:
• 1,600+ compromised credentials
• Freight diversion & double-brokering
• Structured phishing-as-a-service (“MC Profit Always”)
Investigated by Have I Been Squatted, Ctrl-Alt-Int3l.
Infrastructure disruption supported by Google Threat Intelligence Group, Cloudflare, GitLab, Ping Identity.Detection priorities:
– Credential stuffing monitoring
– Load board anomaly detection
– Broker identity validation
– Git exposure scanningSource: https://therecord.media/phishing-operation-russia-armenia-targeting-us-european-cargo
Follow for tactical threat briefings.
Share detection insights below.#Infosec #ThreatIntel #PhishingInfrastructure #CargoFraud #SupplyChainSecurity #CredentialAbuse #FraudOps #CyberCrime #BlueTeam #SOC #DigitalForensics
-
Airline Phishing Infrastructure Expands in 2026
PreCrime Labs identified:
• 11,600+ suspicious airline-themed domains
• 1,799 domains in 4 months
• 36 AI-LLM branded domains harvesting traveler data
• High-value private jet fraud infrastructure
• Recruitment-based credential harvesting
Brands observed in impersonation campaigns:
LATAM Airlines, Avianca, British Airways, Lufthansa, Qatar AirwaysKey technical risks:
• Vendor-jacking → BEC
• AI-assisted context harvesting
• SEO poisoning with airline keywords
• Crypto-payment themed fraud
• Defense & logistics-themed impersonationIs aviation now one of the highest ROI phishing verticals?
Engage below.
Follow @technadu for actionable threat intelligence.#Infosec #ThreatIntel #PhishingInfrastructure #BrandProtection #BEC #FraudOps #OSINT #AviationCyber #DomainMonitoring #CyberRisk
-
Airline Phishing Infrastructure Expands in 2026
PreCrime Labs identified:
• 11,600+ suspicious airline-themed domains
• 1,799 domains in 4 months
• 36 AI-LLM branded domains harvesting traveler data
• High-value private jet fraud infrastructure
• Recruitment-based credential harvesting
Brands observed in impersonation campaigns:
LATAM Airlines, Avianca, British Airways, Lufthansa, Qatar AirwaysKey technical risks:
• Vendor-jacking → BEC
• AI-assisted context harvesting
• SEO poisoning with airline keywords
• Crypto-payment themed fraud
• Defense & logistics-themed impersonationIs aviation now one of the highest ROI phishing verticals?
Engage below.
Follow @technadu for actionable threat intelligence.#Infosec #ThreatIntel #PhishingInfrastructure #BrandProtection #BEC #FraudOps #OSINT #AviationCyber #DomainMonitoring #CyberRisk
-
Airline Phishing Infrastructure Expands in 2026
PreCrime Labs identified:
• 11,600+ suspicious airline-themed domains
• 1,799 domains in 4 months
• 36 AI-LLM branded domains harvesting traveler data
• High-value private jet fraud infrastructure
• Recruitment-based credential harvesting
Brands observed in impersonation campaigns:
LATAM Airlines, Avianca, British Airways, Lufthansa, Qatar AirwaysKey technical risks:
• Vendor-jacking → BEC
• AI-assisted context harvesting
• SEO poisoning with airline keywords
• Crypto-payment themed fraud
• Defense & logistics-themed impersonationIs aviation now one of the highest ROI phishing verticals?
Engage below.
Follow @technadu for actionable threat intelligence.#Infosec #ThreatIntel #PhishingInfrastructure #BrandProtection #BEC #FraudOps #OSINT #AviationCyber #DomainMonitoring #CyberRisk
-
Airline Phishing Infrastructure Expands in 2026
PreCrime Labs identified:
• 11,600+ suspicious airline-themed domains
• 1,799 domains in 4 months
• 36 AI-LLM branded domains harvesting traveler data
• High-value private jet fraud infrastructure
• Recruitment-based credential harvesting
Brands observed in impersonation campaigns:
LATAM Airlines, Avianca, British Airways, Lufthansa, Qatar AirwaysKey technical risks:
• Vendor-jacking → BEC
• AI-assisted context harvesting
• SEO poisoning with airline keywords
• Crypto-payment themed fraud
• Defense & logistics-themed impersonationIs aviation now one of the highest ROI phishing verticals?
Engage below.
Follow @technadu for actionable threat intelligence.#Infosec #ThreatIntel #PhishingInfrastructure #BrandProtection #BEC #FraudOps #OSINT #AviationCyber #DomainMonitoring #CyberRisk
-
Campaign type: Crypto-themed advance fee fraud
Observed tactics:
• Survey-based initial trust anchor
• High-value BTC lure (0.943 / 1.824 BTC)
• Fake transaction approval states
• OTP-style authentication mimicry
• Reverse social engineering via chat
• Bitcoin QR payment endpoint
• Recently registered infrastructurePsychological chain:
Trust seeding → Reward inflation → Procedural legitimacy → Time pressure → Micro-payment extraction.Notable observations:
– Structured flow architecture
– Domain churn
– UX mimicking real crypto processors
– Potential bot-filtering via poll entryThis demonstrates how scam operators now invest in full user journey design.
What telemetry would you prioritize for early detection?
Engage below.
Follow TechNadu for technical cybersecurity reporting.#ThreatIntelligence #CryptoFraud #PhishingInfrastructure #ScamAnalysis #OSINT #BlueTeam #FraudOps #DigitalForensics #CyberDefense
-
Campaign type: Crypto-themed advance fee fraud
Observed tactics:
• Survey-based initial trust anchor
• High-value BTC lure (0.943 / 1.824 BTC)
• Fake transaction approval states
• OTP-style authentication mimicry
• Reverse social engineering via chat
• Bitcoin QR payment endpoint
• Recently registered infrastructurePsychological chain:
Trust seeding → Reward inflation → Procedural legitimacy → Time pressure → Micro-payment extraction.Notable observations:
– Structured flow architecture
– Domain churn
– UX mimicking real crypto processors
– Potential bot-filtering via poll entryThis demonstrates how scam operators now invest in full user journey design.
What telemetry would you prioritize for early detection?
Engage below.
Follow TechNadu for technical cybersecurity reporting.#ThreatIntelligence #CryptoFraud #PhishingInfrastructure #ScamAnalysis #OSINT #BlueTeam #FraudOps #DigitalForensics #CyberDefense
-
Campaign type: Crypto-themed advance fee fraud
Observed tactics:
• Survey-based initial trust anchor
• High-value BTC lure (0.943 / 1.824 BTC)
• Fake transaction approval states
• OTP-style authentication mimicry
• Reverse social engineering via chat
• Bitcoin QR payment endpoint
• Recently registered infrastructurePsychological chain:
Trust seeding → Reward inflation → Procedural legitimacy → Time pressure → Micro-payment extraction.Notable observations:
– Structured flow architecture
– Domain churn
– UX mimicking real crypto processors
– Potential bot-filtering via poll entryThis demonstrates how scam operators now invest in full user journey design.
What telemetry would you prioritize for early detection?
Engage below.
Follow TechNadu for technical cybersecurity reporting.#ThreatIntelligence #CryptoFraud #PhishingInfrastructure #ScamAnalysis #OSINT #BlueTeam #FraudOps #DigitalForensics #CyberDefense
-
Campaign type: Crypto-themed advance fee fraud
Observed tactics:
• Survey-based initial trust anchor
• High-value BTC lure (0.943 / 1.824 BTC)
• Fake transaction approval states
• OTP-style authentication mimicry
• Reverse social engineering via chat
• Bitcoin QR payment endpoint
• Recently registered infrastructurePsychological chain:
Trust seeding → Reward inflation → Procedural legitimacy → Time pressure → Micro-payment extraction.Notable observations:
– Structured flow architecture
– Domain churn
– UX mimicking real crypto processors
– Potential bot-filtering via poll entryThis demonstrates how scam operators now invest in full user journey design.
What telemetry would you prioritize for early detection?
Engage below.
Follow TechNadu for technical cybersecurity reporting.#ThreatIntelligence #CryptoFraud #PhishingInfrastructure #ScamAnalysis #OSINT #BlueTeam #FraudOps #DigitalForensics #CyberDefense