Skip to main content
Back to Security Snacks
Phishing

Blue Badge Phishing Campaign

Published on: 
September 1, 2022

Instagram Campaign

The allure of the blue badge can be too much! A new Instagram phishing campaign using the domain teamcorrectionbadges[.]com shares host infrastructure with several other questionable domains:

  • Teambluebadge[.]com
  • Badgescorrectioncase[.]com
  • Adminbadgessystem[.]shop

While many of these domains are already on blocklists, not all are, suggesting the bad actors might still be performing this attack. Via a predictive Domain Risk Score for these domains ranges from 88 to 99. We cannot confirm all these domains are attributable to the same actor, however.

Additional questionable domains to monitor:
truebadgeteamscase[.]com
objectionsfromcloud[.]com
casebadgeclods[.]com
badgeteamclouds[.]shop
badgecaseteam[.]com
teamcloudsbadges[.]com
teamscorrectbadge[.]com
teamcorrectionbadges[.]com

correctlybadgesteam[.]com
badgecaseteam[.]shop

Related Content

SecuritySnacks
DPRK Contagious Interview: Developer Workflow Compromise
Analyze the DPRK "Contagious Interview" campaign targeting developers. Get technical deep-dives into VS Code task abuse, Node.js malware obfuscation, and a full Sigma/EDR detection pack to defend your CI/CD pipeline and identity perimeter.
Learn More
SecuritySnacks
The AI Frame Campaign Continues
Analysis of the persistent AIFrame campaign: A fake Google Authenticator Chrome extension and 6+ related apps use "deploy clean, update dirty" tactics to steal 2FA credentials and inject malicious iframes. Learn how this operation bypasses Google’s security reviews.
Learn More
SecuritySnacks
Cybersecurity Reading List - Week of 2026-04-06
From Gramsci's 'morbid symptoms' to modern threat intelligence - a cybersecurity roundup exploring why defenders should treat root causes over chasing dramatic threats, with curated links on ransomware, HUMINT, disinformation, and more.
Learn More

Heading

SecuritySnacks
Research
Newsletters
Podcast Episodes
About
No items found.