Skip to main content
Back to Security Snacks
Phishing

TEPCO Mass Domain Registration

Published on: 
May 30, 2024

200+ registrations in concert with financial or credential phishing

We see over 200+ billing-oriented TEPCO domains created in the last month with the same host. We suspect it’s a mass domain registration in concert with financial or credential phishing.

The domains and historical passive DNS records for the two IPs involved can be found in the GitHub link below. The pDNS may or may not include uninvolved domains, but many appear to be part of the same cluster or campaign.

If the community has any additional input, please let us know.

https://github.com/DomainTools/SecuritySnacks/tree/main/2024/TEPCO

Related Content

SecuritySnacks
Cybersecurity Reading List - Week of 2026-04-06
From Gramsci's 'morbid symptoms' to modern threat intelligence - a cybersecurity roundup exploring why defenders should treat root causes over chasing dramatic threats, with curated links on ransomware, HUMINT, disinformation, and more.
Learn More
SecuritySnacks
SecuritySnack - OpenAI Anti-Ads Malware
Stay protected against the "ChatGPT Ad Blocker" malware. This investigation reveals how a malicious Chrome extension uses Discord webhooks to steal private ChatGPT conversations, prompts, and metadata.
Learn More
SecuritySnacks
SecuritySnack - CloudFlare Anti-Security For Phishing
A Microsoft 365 credential harvesting campaign is exploiting CloudFlare's anti-bot and human verification features to evade detection. Learn how attackers use IP blocklists, user-agent filtering, and obfuscated scripts to bypass security scanners—and what it means for the industry.
Learn More

Heading

SecuritySnacks
Research
Newsletters
Podcast Episodes
About
No items found.