A new phishing campaign is specifically targeting sellers on Discogs, the popular music marketplace and database. Attackers have constructed a multi‑page deception that begins with a fake human verification check and ends with a cloned Stripe payment form. The screenshots provided document this attack in detail. Understanding each step of the scam is the only …
Author Archives: Anti-phishing
How to Spot and Stop a Payment Information Scam Targeting Flatmate Platform Users
A growing number of cybercriminals are creating fake account verification pages designed to steal financial data from users of shared accommodation platforms such as Flatmates.com.au, flatmate.com, and similar services. The scam begins with an urgent message claiming a user’s account has been restricted and requires identity verification within a strict time limit. The message is …
Continue reading “How to Spot and Stop a Payment Information Scam Targeting Flatmate Platform Users”
11 Red Flags That Prove You’re Being Targeted by a Marketplace Phishing Scam (And How Sellers Can Protect Their Money)
By Cybersecurity Analyst TeamMay 2026 If you sell clothes, electronics, or collectibles on Poshmark, Mercari, eBay, or Depop, you are a prime target for a new wave of sophisticated phishing attacks. The screenshots below show a real-time scam that attempts to drain your bank account – not by hacking, but by tricking you into handing …
Operation Syndicate: Multi-Language Live Chat Exploitation via Rogue Gambling Portals
This entry documents a live, multi-jurisdictional cybercrime node operating via ephemeral ASPX chat frameworks (7mmon3ss.com). The intercept reveals a highly structured customer service gateway utilized by Southeast Asian syndicates to manage illicit gambling platforms and fraudulent asset-extraction schemes under the brand RM98. Technical Dissection of the Compromised Session The captured interface provides absolute forensic verification …
Interactive Investment Phishing: Exploitation of Live Shareholder Registries
This image captures an active, highly targeted corporate asset hijacking portal hosted via developer cloud infrastructure (myrights-app-8hkj4.ondigitalocean.app). The interface demonstrates a sophisticated evolution in credential harvesting, utilizing a live, interactive database to verify victim telemetry in real time rather than deploying static phishing layouts. Infrastructure and Dynamic Exploitation Analysis The fraudulent portal directly impersonates the …
Continue reading “Interactive Investment Phishing: Exploitation of Live Shareholder Registries”
Advanced Fiat Drainer: Automated Brand Impersonation on Peer-to-Peer Marketplaces
This entry documents a live, multi-stage financial phishing and asset draining operation hosted on transient infrastructure (chilw-order.lat). The interface targets regional consumers of major Japanese classifieds and peer-to-peer marketplaces, specifically cloning the infrastructure of Jimoty (jmty.jp). The Attack Vectors and Social Engineering Heuristics The vector utilizes a sophisticated deployment of manufactured account urgency to neutralize …
Continue reading “Advanced Fiat Drainer: Automated Brand Impersonation on Peer-to-Peer Marketplaces”
A phishing campaign targeting Depop sellers
This set of screenshots shows a phishing campaign targeting Depop sellers. The scam uses a fake “orders suspended” notification and a counterfeit support chat to trick victims into providing full credit/debit card details and billing information. Threat Analysis: Depop Phishing – Fake “Orders Suspended” & Card Harvesting How the scam works: Fake Suspension Notice (1st …
Continue reading “A phishing campaign targeting Depop sellers”
Tise.com fake page detected
Anatomy of a Marketplace Phishing Scam: The Scamsite Intermediary Method This image captures a live instance of a highly convincing phishing campaign targeting users of Tise (tise.com), a popular Norwegian and Nordic second-hand marketplace. The layout mimics an official security notification, utilizing precise brand elements to manipulate the victim under a manufactured state of urgency. …
Tech Support / Flight Booking Scam
Anatomy of a High-Tier Support & Billing Scam: The Trapped Invoice Method This image captures a live instance of an aggressive, targeted financial fraud operation known as a “Tech Support / Flight Booking Scam.” Unlike generic mass phishing, this method relies heavily on multi-channel social engineering and highly customized billing infrastructure to bypass traditional security …
Fake Xfinity Login Pages
We have discovered a phishing campaign that uses fake Xfinity pages to steal your login credentials. Below is how the attack works, based on real screenshots. How the Scam Works Step 1 – The “Thanks for choosing xfinity” lureThe victim lands on a simple page with an Xfinity logo, a “Thanks for choosing xfinity” message, …