TEPCO Mass Domain Registration

Published on:

May 30, 2024

On This Page

200+ registrations in concert with financial or credential phishing

We see over 200+ billing-oriented TEPCO domains created in the last month with the same host. We suspect it’s a mass domain registration in concert with financial or credential phishing.

The domains and historical passive DNS records for the two IPs involved can be found in the GitHub link below. The pDNS may or may not include uninvolved domains, but many appear to be part of the same cluster or campaign.

If the community has any additional input, please let us know.

https://github.com/DomainTools/SecuritySnacks/tree/main/2024/TEPCO

Related Content

SecuritySnacks

SecuritySnack: Phishing Interviews

Phishing campaign targets job seekers with fake career portals and interview invites, stealing ID.me credentials and deploying malware since August 2025.

Learn More

SecuritySnacks

Pay to Lose: Dubious Online Gambling Games

Be wary of "real money" games this New Year. This report uncovers hundreds of fake Android gambling apps using spoofed reviews, fake win declarations, and "waistcoat" shells to trick users into sideloading unregulated, predatory gambling software.

Learn More

SecuritySnacks

Cybersecurity Reading List - Week of 2026-01-05

Learn More

TEPCO Mass Domain Registration

200+ registrations in concert with financial or credential phishing

Heading