Community
Phishing

Blue Badge Phishing Campaign

09/01/2022

Instagram Campaign

The allure of the blue badge can be too much! A new Instagram phishing campaign using the domain teamcorrectionbadges[.]com shares host infrastructure with several other questionable domains:

  • Teambluebadge[.]com
  • Badgescorrectioncase[.]com
  • Adminbadgessystem[.]shop

While many of these domains are already on blocklists, not all are, suggesting the bad actors might still be performing this attack. Via a predictive Domain Risk Score for these domains ranges from 88 to 99. We cannot confirm all these domains are attributable to the same actor, however.

Additional questionable domains to monitor:
truebadgeteamscase[.]com
objectionsfromcloud[.]com
casebadgeclods[.]com
badgeteamclouds[.]shop
badgecaseteam[.]com
teamcloudsbadges[.]com
teamscorrectbadge[.]com
teamcorrectionbadges[.]com

correctlybadgesteam[.]com
badgecaseteam[.]shop

Related Content

How Threat Actors Exploit Human Trust: A Breakdown of the 'Prove You Are Human' Malware Scheme
MalwareThreat Intelligence
How Threat Actors Exploit Human Trust: A Breakdown of the 'Prove You Are Human' Malware Scheme
Download Now
Inside a VenomRAT Malware Campaign
MalwareThreat Intelligence
Inside a VenomRAT Malware Campaign
Download Now
DomainTools Investigations Recommended Reading List Week of May 19 2025
AIMalwarePhishingRansomwareThreat Intelligence
Cybersecurity Reading List - Week of 2025-05-19
Download Now