home.social

#phishinginfrastructure — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #phishinginfrastructure, aggregated by home.social.

  1. Operational Brief:
    Threat cluster: Diesel Vortex
    Attribution indicators: Russian domain infrastructure, Armenian-language operator comms

    Discovery: Exposed .git repository
    Primary impact:
    • 1,600+ compromised credentials
    • Freight diversion & double-brokering
    • Structured phishing-as-a-service (“MC Profit Always”)
    Investigated by Have I Been Squatted, Ctrl-Alt-Int3l.
    Infrastructure disruption supported by Google Threat Intelligence Group, Cloudflare, GitLab, Ping Identity.

    Detection priorities:
    – Credential stuffing monitoring
    – Load board anomaly detection
    – Broker identity validation
    – Git exposure scanning

    Source: therecord.media/phishing-opera

    Follow for tactical threat briefings.
    Share detection insights below.

    #Infosec #ThreatIntel #PhishingInfrastructure #CargoFraud #SupplyChainSecurity #CredentialAbuse #FraudOps #CyberCrime #BlueTeam #SOC #DigitalForensics

  2. Operational Brief:
    Threat cluster: Diesel Vortex
    Attribution indicators: Russian domain infrastructure, Armenian-language operator comms

    Discovery: Exposed .git repository
    Primary impact:
    • 1,600+ compromised credentials
    • Freight diversion & double-brokering
    • Structured phishing-as-a-service (“MC Profit Always”)
    Investigated by Have I Been Squatted, Ctrl-Alt-Int3l.
    Infrastructure disruption supported by Google Threat Intelligence Group, Cloudflare, GitLab, Ping Identity.

    Detection priorities:
    – Credential stuffing monitoring
    – Load board anomaly detection
    – Broker identity validation
    – Git exposure scanning

    Source: therecord.media/phishing-opera

    Follow for tactical threat briefings.
    Share detection insights below.

    #Infosec #ThreatIntel #PhishingInfrastructure #CargoFraud #SupplyChainSecurity #CredentialAbuse #FraudOps #CyberCrime #BlueTeam #SOC #DigitalForensics

  3. Operational Brief:
    Threat cluster: Diesel Vortex
    Attribution indicators: Russian domain infrastructure, Armenian-language operator comms

    Discovery: Exposed .git repository
    Primary impact:
    • 1,600+ compromised credentials
    • Freight diversion & double-brokering
    • Structured phishing-as-a-service (“MC Profit Always”)
    Investigated by Have I Been Squatted, Ctrl-Alt-Int3l.
    Infrastructure disruption supported by Google Threat Intelligence Group, Cloudflare, GitLab, Ping Identity.

    Detection priorities:
    – Credential stuffing monitoring
    – Load board anomaly detection
    – Broker identity validation
    – Git exposure scanning

    Source: therecord.media/phishing-opera

    Follow for tactical threat briefings.
    Share detection insights below.

    #Infosec #ThreatIntel #PhishingInfrastructure #CargoFraud #SupplyChainSecurity #CredentialAbuse #FraudOps #CyberCrime #BlueTeam #SOC #DigitalForensics

  4. Operational Brief:
    Threat cluster: Diesel Vortex
    Attribution indicators: Russian domain infrastructure, Armenian-language operator comms

    Discovery: Exposed .git repository
    Primary impact:
    • 1,600+ compromised credentials
    • Freight diversion & double-brokering
    • Structured phishing-as-a-service (“MC Profit Always”)
    Investigated by Have I Been Squatted, Ctrl-Alt-Int3l.
    Infrastructure disruption supported by Google Threat Intelligence Group, Cloudflare, GitLab, Ping Identity.

    Detection priorities:
    – Credential stuffing monitoring
    – Load board anomaly detection
    – Broker identity validation
    – Git exposure scanning

    Source: therecord.media/phishing-opera

    Follow for tactical threat briefings.
    Share detection insights below.

    #Infosec #ThreatIntel #PhishingInfrastructure #CargoFraud #SupplyChainSecurity #CredentialAbuse #FraudOps #CyberCrime #BlueTeam #SOC #DigitalForensics

  5. Airline Phishing Infrastructure Expands in 2026
    PreCrime Labs identified:
    • 11,600+ suspicious airline-themed domains
    • 1,799 domains in 4 months
    • 36 AI-LLM branded domains harvesting traveler data
    • High-value private jet fraud infrastructure
    • Recruitment-based credential harvesting
    Brands observed in impersonation campaigns:
    LATAM Airlines, Avianca, British Airways, Lufthansa, Qatar Airways

    Key technical risks:
    • Vendor-jacking → BEC
    • AI-assisted context harvesting
    • SEO poisoning with airline keywords
    • Crypto-payment themed fraud
    • Defense & logistics-themed impersonation

    Is aviation now one of the highest ROI phishing verticals?

    Engage below.
    Follow @technadu for actionable threat intelligence.

    #Infosec #ThreatIntel #PhishingInfrastructure #BrandProtection #BEC #FraudOps #OSINT #AviationCyber #DomainMonitoring #CyberRisk

  6. Airline Phishing Infrastructure Expands in 2026
    PreCrime Labs identified:
    • 11,600+ suspicious airline-themed domains
    • 1,799 domains in 4 months
    • 36 AI-LLM branded domains harvesting traveler data
    • High-value private jet fraud infrastructure
    • Recruitment-based credential harvesting
    Brands observed in impersonation campaigns:
    LATAM Airlines, Avianca, British Airways, Lufthansa, Qatar Airways

    Key technical risks:
    • Vendor-jacking → BEC
    • AI-assisted context harvesting
    • SEO poisoning with airline keywords
    • Crypto-payment themed fraud
    • Defense & logistics-themed impersonation

    Is aviation now one of the highest ROI phishing verticals?

    Engage below.
    Follow @technadu for actionable threat intelligence.

    #Infosec #ThreatIntel #PhishingInfrastructure #BrandProtection #BEC #FraudOps #OSINT #AviationCyber #DomainMonitoring #CyberRisk

  7. Airline Phishing Infrastructure Expands in 2026
    PreCrime Labs identified:
    • 11,600+ suspicious airline-themed domains
    • 1,799 domains in 4 months
    • 36 AI-LLM branded domains harvesting traveler data
    • High-value private jet fraud infrastructure
    • Recruitment-based credential harvesting
    Brands observed in impersonation campaigns:
    LATAM Airlines, Avianca, British Airways, Lufthansa, Qatar Airways

    Key technical risks:
    • Vendor-jacking → BEC
    • AI-assisted context harvesting
    • SEO poisoning with airline keywords
    • Crypto-payment themed fraud
    • Defense & logistics-themed impersonation

    Is aviation now one of the highest ROI phishing verticals?

    Engage below.
    Follow @technadu for actionable threat intelligence.

    #Infosec #ThreatIntel #PhishingInfrastructure #BrandProtection #BEC #FraudOps #OSINT #AviationCyber #DomainMonitoring #CyberRisk

  8. Airline Phishing Infrastructure Expands in 2026
    PreCrime Labs identified:
    • 11,600+ suspicious airline-themed domains
    • 1,799 domains in 4 months
    • 36 AI-LLM branded domains harvesting traveler data
    • High-value private jet fraud infrastructure
    • Recruitment-based credential harvesting
    Brands observed in impersonation campaigns:
    LATAM Airlines, Avianca, British Airways, Lufthansa, Qatar Airways

    Key technical risks:
    • Vendor-jacking → BEC
    • AI-assisted context harvesting
    • SEO poisoning with airline keywords
    • Crypto-payment themed fraud
    • Defense & logistics-themed impersonation

    Is aviation now one of the highest ROI phishing verticals?

    Engage below.
    Follow @technadu for actionable threat intelligence.

    #Infosec #ThreatIntel #PhishingInfrastructure #BrandProtection #BEC #FraudOps #OSINT #AviationCyber #DomainMonitoring #CyberRisk

  9. Campaign type: Crypto-themed advance fee fraud
    Observed tactics:
    • Survey-based initial trust anchor
    • High-value BTC lure (0.943 / 1.824 BTC)
    • Fake transaction approval states
    • OTP-style authentication mimicry
    • Reverse social engineering via chat
    • Bitcoin QR payment endpoint
    • Recently registered infrastructure

    Psychological chain:
    Trust seeding → Reward inflation → Procedural legitimacy → Time pressure → Micro-payment extraction.

    Notable observations:
    – Structured flow architecture
    – Domain churn
    – UX mimicking real crypto processors
    – Potential bot-filtering via poll entry

    This demonstrates how scam operators now invest in full user journey design.

    Source: malwr-analysis.com/2026/02/22/

    What telemetry would you prioritize for early detection?
    Engage below.
    Follow TechNadu for technical cybersecurity reporting.

    #ThreatIntelligence #CryptoFraud #PhishingInfrastructure #ScamAnalysis #OSINT #BlueTeam #FraudOps #DigitalForensics #CyberDefense

  10. Campaign type: Crypto-themed advance fee fraud
    Observed tactics:
    • Survey-based initial trust anchor
    • High-value BTC lure (0.943 / 1.824 BTC)
    • Fake transaction approval states
    • OTP-style authentication mimicry
    • Reverse social engineering via chat
    • Bitcoin QR payment endpoint
    • Recently registered infrastructure

    Psychological chain:
    Trust seeding → Reward inflation → Procedural legitimacy → Time pressure → Micro-payment extraction.

    Notable observations:
    – Structured flow architecture
    – Domain churn
    – UX mimicking real crypto processors
    – Potential bot-filtering via poll entry

    This demonstrates how scam operators now invest in full user journey design.

    Source: malwr-analysis.com/2026/02/22/

    What telemetry would you prioritize for early detection?
    Engage below.
    Follow TechNadu for technical cybersecurity reporting.

    #ThreatIntelligence #CryptoFraud #PhishingInfrastructure #ScamAnalysis #OSINT #BlueTeam #FraudOps #DigitalForensics #CyberDefense

  11. Campaign type: Crypto-themed advance fee fraud
    Observed tactics:
    • Survey-based initial trust anchor
    • High-value BTC lure (0.943 / 1.824 BTC)
    • Fake transaction approval states
    • OTP-style authentication mimicry
    • Reverse social engineering via chat
    • Bitcoin QR payment endpoint
    • Recently registered infrastructure

    Psychological chain:
    Trust seeding → Reward inflation → Procedural legitimacy → Time pressure → Micro-payment extraction.

    Notable observations:
    – Structured flow architecture
    – Domain churn
    – UX mimicking real crypto processors
    – Potential bot-filtering via poll entry

    This demonstrates how scam operators now invest in full user journey design.

    Source: malwr-analysis.com/2026/02/22/

    What telemetry would you prioritize for early detection?
    Engage below.
    Follow TechNadu for technical cybersecurity reporting.

    #ThreatIntelligence #CryptoFraud #PhishingInfrastructure #ScamAnalysis #OSINT #BlueTeam #FraudOps #DigitalForensics #CyberDefense

  12. Campaign type: Crypto-themed advance fee fraud
    Observed tactics:
    • Survey-based initial trust anchor
    • High-value BTC lure (0.943 / 1.824 BTC)
    • Fake transaction approval states
    • OTP-style authentication mimicry
    • Reverse social engineering via chat
    • Bitcoin QR payment endpoint
    • Recently registered infrastructure

    Psychological chain:
    Trust seeding → Reward inflation → Procedural legitimacy → Time pressure → Micro-payment extraction.

    Notable observations:
    – Structured flow architecture
    – Domain churn
    – UX mimicking real crypto processors
    – Potential bot-filtering via poll entry

    This demonstrates how scam operators now invest in full user journey design.

    Source: malwr-analysis.com/2026/02/22/

    What telemetry would you prioritize for early detection?
    Engage below.
    Follow TechNadu for technical cybersecurity reporting.

    #ThreatIntelligence #CryptoFraud #PhishingInfrastructure #ScamAnalysis #OSINT #BlueTeam #FraudOps #DigitalForensics #CyberDefense