Skip to main content
Back to Security Snacks
Phishing

TEPCO Mass Domain Registration

Published on: 
May 30, 2024

200+ registrations in concert with financial or credential phishing

We see over 200+ billing-oriented TEPCO domains created in the last month with the same host. We suspect it’s a mass domain registration in concert with financial or credential phishing.

The domains and historical passive DNS records for the two IPs involved can be found in the GitHub link below. The pDNS may or may not include uninvolved domains, but many appear to be part of the same cluster or campaign.

If the community has any additional input, please let us know.

https://github.com/DomainTools/SecuritySnacks/tree/main/2024/TEPCO

Related Content

SecuritySnacks
SecuritySnack - Idolized Crypto Scams
An analysis of an active cryptocurrency scam operation impersonating Trump, Musk, and Truth Social across 250+ domains — uncovering shared wallet infrastructure, on-chain laundering pipelines, and the tactics used to fake legitimacy.
Learn More
SecuritySnacks
Cybersecurity Reading List - Week of 2026-02-02
Commentary followed by links to cybersecurity articles and resources that caught our interest internally.
Learn More
SecuritySnacks
SecuritySnack: Phishing Interviews
Phishing campaign targets job seekers with fake career portals and interview invites, stealing ID.me credentials and deploying malware since August 2025.
Learn More

Heading

SecuritySnacks
Research
Newsletters
Podcast Episodes
About
No items found.