Blue Badge Phishing Campaign

Published on:

September 1, 2022

On This Page

Instagram Campaign

The allure of the blue badge can be too much! A new Instagram phishing campaign using the domain teamcorrectionbadges[.]com shares host infrastructure with several other questionable domains:

Teambluebadge[.]com
Badgescorrectioncase[.]com
Adminbadgessystem[.]shop

While many of these domains are already on blocklists, not all are, suggesting the bad actors might still be performing this attack. Via a predictive Domain Risk Score for these domains ranges from 88 to 99. We cannot confirm all these domains are attributable to the same actor, however.

Additional questionable domains to monitor:
truebadgeteamscase[.]com
objectionsfromcloud[.]com
casebadgeclods[.]com
badgeteamclouds[.]shop
badgecaseteam[.]com
teamcloudsbadges[.]com
teamscorrectbadge[.]com
teamcorrectionbadges[.]com

correctlybadgesteam[.]com
badgecaseteam[.]shop

Related Content

SecuritySnacks

Cybersecurity Reading List - Week of 2026-02-02

Commentary followed by links to cybersecurity articles and resources that caught our interest internally.

Learn More

SecuritySnacks

SecuritySnack: Phishing Interviews

Phishing campaign targets job seekers with fake career portals and interview invites, stealing ID.me credentials and deploying malware since August 2025.

Learn More

SecuritySnacks

Pay to Lose: Dubious Online Gambling Games

Be wary of "real money" games this New Year. This report uncovers hundreds of fake Android gambling apps using spoofed reviews, fake win declarations, and "waistcoat" shells to trick users into sideloading unregulated, predatory gambling software.

Learn More

Blue Badge Phishing Campaign

Instagram Campaign

Heading