phishing investigation

Google call

Google Meet typosquat by threat actors

Google Meet is an application used by millions of people around the globe, including companies, schools, universities, governments and individuals.

Because the platform is so widely used, the impact of impersonation could be devastating.

We found many domains impersonating Google Meet to trick users into entering their credentials or downloading a fake Google Meet that compromises their system.

The fake Google Meet page contains a link or pop-up to download the Google Meet application or a browser extension. By installing the fake Google Meet, the user installs a malicious payload that is executed to compromise the system.

At the time of writing, many companies, schools, universities, governments and others are already compromised.

The impact can lead to data theft or even ransomware.

Please follow our recommendations:

Check your environment to detect the malicious domains:

google-meet-account[.]com

google-meetings[.]com

accountmeet-google[.]com

meet.gooqle-view. [.]com

meet.google[.]com

Block all of those domains.

Provide awareness and training to your users.

Bookmark the correct Google Meet URL for your users (https://workspace.google.com/products/meet/).

If you see one of these domains within your organization, perform a full investigation of every host that was in contact with it: scan the host and search for any persistence behavior or C2 activity.

Change the impacted user's credentials and re-image the host.
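
The environment check recommended above, as an added example (not code from the original post): it refangs the listed domains, holds back any entry that is not a valid hostname or that equals a hostname on an assumed known-good list, and matches the rest against DNS query logs. The log format, the sample lines and the KNOWN_GOOD set are constructed assumptions.

```python
import re

# Indicators exactly as listed on the page (defanged).
LISTED = ["google-meet-account[.]com", "google-meetings[.]com",
          "accountmeet-google[.]com", "meet.gooqle-view. [.]com",
          "meet.google[.]com"]
# Assumption: hostnames this organisation treats as genuine.
KNOWN_GOOD = {"meet.google.com", "workspace.google.com"}
HOSTNAME = re.compile(r"^(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")
# Constructed sample DNS log, one query per line: <timestamp> <client> <qname>
SAMPLE_LOG = [
    "2024-05-02T08:14:07Z 10.20.3.41 google-meetings.com",
    "2024-05-02T08:14:09Z 10.20.3.41 Login.Google-Meet-Account.com.",
    "2024-05-02T08:15:30Z 10.20.7.12 meet.google.com",
    "2024-05-02T08:16:02Z 10.20.7.12 notgoogle-meetings.com",
    "truncated-line",
]

def normalise(name):
    """Refang, lower-case and drop the trailing root dot."""
    return name.replace("[.]", ".").strip().lower().rstrip(".")

def build_watchlist(listed, known_good):
    """Return (watchlist, held); held entries need analyst review first."""
    watchlist, held = set(), []
    for raw in listed:
        name = normalise(raw)
        if not HOSTNAME.match(name):
            held.append((raw, "not a valid hostname"))
        elif name in known_good:
            held.append((raw, "equals a known-good hostname"))
        else:
            watchlist.add(name)
    return watchlist, held

def match_indicator(qname, watchlist):
    """Match an indicator or any subdomain of it, only on a label boundary."""
    host = normalise(qname)
    return next((i for i in watchlist if host == i or host.endswith("." + i)), None)

def scan(log_lines, watchlist):
    """Return (timestamp, client, qname, indicator) for every matching query."""
    hits = []
    for parts in (line.split() for line in log_lines):
        indicator = match_indicator(parts[2], watchlist) if len(parts) >= 3 else None
        if indicator:
            hits.append((parts[0], parts[1], parts[2], indicator))
    return hits
```

Held entries go to an analyst instead of straight into a blocklist. As printed, the last listed entry is identical to the genuine Meet hostname, so blocking it verbatim would block the real service.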

payoutproject scam

Payoutproject[.]com: the biggest scam ever on social media (Facebook, Twitter, TikTok, Instagram)

A big scam is under way on social media. At the time of writing, thousands of people have been scammed and the number is growing.

The Payoutproject website is a marketing company located in the United States of America. The owner affirms that members will be rewarded after completing tasks and activities that are given to them.

Many people have already complained about the fake business. Unfortunately, the scam is still growing around the world.

As always, I love this kind of investigation. I will share with you how I investigated the fake business and the outcome.

First of all, I checked the website via web.archive.org (https://web.archive.org/web/20230402014918/https://payoutproject.com/).

As you can see, the website is well designed and will attract many visitors. Let’s read the “Home page”.

We can see some information about the website and how we can be rewarded and get paid after performing some tasks. Well, I will be rich now 😊.

One important thing on the Home page is: “There is no any fee, no any membership fee and no any paid thing. All is free... The main thing is your passion to the completion of task and promote to the friends”.

Many people will register to make money fast because it is very easy and fast.

I scrolled through the website and found that they operate on many social media platforms such as Facebook, Instagram, Twitter and TikTok.

As many scammers are usually on Facebook, I went to Facebook.com and found that someone had published a post about the business (for privacy reasons I won’t publish the name). I checked the user's profile and found some suspicious comments, scams and other social engineering threats. That was my first hit.

I found that the post published by the user is getting more attention and has been viewed by millions of people, with thousands of comments.

At this point, we can see that the scam is worldwide and that many people are already impacted, and more will be impacted, by this malicious activity.

Now, let’s review people’s feedback about the website via an online search engine such as Chrome.

There are many reviews of the website; let’s look at some of them in detail:

1. https://www.cloudbooklet.com/entertainment/is-payoutproject-scam-or-legit

2. https://www.scamadviser.com/check-website/payoutproject.com?utm_content=cmp-true

3. https://ie.trustpilot.com/review/payoutproject.com

As you can see in the comments from the different websites, most of the people who commented agree on one thing: the website is a scam. After they invested in the website, the money grew, but they never received it back.

Back on the website, you can see the payment methods available to invest and be paid later.

This method can be used by the scammers to steal your sensitive data. If you already created an account and used your PII or any other sensitive data, remove and change that data, and change your password if you used the same one on any other account.

The website mentions the top payout countries using the application:

 

If you are located in any of the locations mentioned above, inform your authorities about the scam.

Always verify such a business before using it. The best option is to avoid such online businesses.