Skip to main content
Back to Security Snacks
Phishing

Blue Badge Phishing Campaign

Published on: 
September 1, 2022

Instagram Campaign

The allure of the blue badge can be too much! A new Instagram phishing campaign using the domain teamcorrectionbadges[.]com shares host infrastructure with several other questionable domains:

  • Teambluebadge[.]com
  • Badgescorrectioncase[.]com
  • Adminbadgessystem[.]shop

While many of these domains are already on blocklists, not all are, suggesting the bad actors might still be performing this attack. Via a predictive Domain Risk Score for these domains ranges from 88 to 99. We cannot confirm all these domains are attributable to the same actor, however.

Additional questionable domains to monitor:
truebadgeteamscase[.]com
objectionsfromcloud[.]com
casebadgeclods[.]com
badgeteamclouds[.]shop
badgecaseteam[.]com
teamcloudsbadges[.]com
teamscorrectbadge[.]com
teamcorrectionbadges[.]com

correctlybadgesteam[.]com
badgecaseteam[.]shop

Related Content

SecuritySnacks
SecuritySnack - CloudFlare Anti-Security For Phishing
A Microsoft 365 credential harvesting campaign is exploiting CloudFlare's anti-bot and human verification features to evade detection. Learn how attackers use IP blocklists, user-agent filtering, and obfuscated scripts to bypass security scanners—and what it means for the industry.
Learn More
SecuritySnacks
Cybersecurity Reading List - Week of 2026-03-02
A broken snowblower belt taught me something cybersecurity professionals often forget — saying "I don't know" isn't failure. It's where the real work begins.
Learn More
SecuritySnacks
SecuritySnack - Idolized Crypto Scams
An analysis of an active cryptocurrency scam operation impersonating Trump, Musk, and Truth Social across 250+ domains — uncovering shared wallet infrastructure, on-chain laundering pipelines, and the tactics used to fake legitimacy.
Learn More

Heading

SecuritySnacks
Research
Newsletters
Podcast Episodes
About
No items found.