Skip to main content
Back to Security Snacks
Phishing

TEPCO Mass Domain Registration

Published on: 
May 30, 2024

200+ registrations in concert with financial or credential phishing

We see over 200+ billing-oriented TEPCO domains created in the last month with the same host. We suspect it’s a mass domain registration in concert with financial or credential phishing.

The domains and historical passive DNS records for the two IPs involved can be found in the GitHub link below. The pDNS may or may not include uninvolved domains, but many appear to be part of the same cluster or campaign.

If the community has any additional input, please let us know.

https://github.com/DomainTools/SecuritySnacks/tree/main/2024/TEPCO

Related Content

SecuritySnacks
Cybersecurity Reading List - Week of 2026-06-01
Commentary followed by links to cybersecurity articles and resources that caught our interest internally.
Learn More
SecuritySnacks
SecuritySnack - Hijacking Corporate Sessions
A sophisticated AiTM phishing kit bypassing traditional MFA to steal Microsoft 365 session cookies. Get the full breakdown and IOCs.
Learn More
SecuritySnacks
Cybersecurity Reading List - Week of 2026-05-04
Systems thinking, biolistics, and the danger of mop-up science in infosec — plus this month's reading on ransomware, RPKI exploits, cPanel, and LLM pollution.
Learn More

Heading

SecuritySnacks
Research
Newsletters
Podcast Episodes
About
No items found.