Investigations & Reports
In-depth analyses of scams, vulnerabilities, and emerging threats — so you know what's out there and how to stay protected.
ALERT: SpiderFoot Scam Resurfaced on spiderrfoot.com
The misleading SpiderFoot distribution site we previously investigated on spiderfoot[.]org has now appeared on a second domain: spiderrfoot[.]com. Because SpiderFoot has no official website, any domain can be mistaken for the real thing.
Read Full Report →
Rixav.sbs: A Crypto Wallet Phishing Site
rixav.sbs impersonates a wallet recovery service to trick users into entering their seed phrases and private keys. This report documents how the scam works, what the site does with your credentials, and why any wallet that touched it should be considered compromised.
The Fake Parking Ticket Scam Hitting NYC Phones — and the AI-Powered Machine Behind It
Thousands of New Yorkers are receiving texts with an official-looking court notice and a QR code. We scanned it. What we found is a same-day-deployed, Chinese-linked smishing operation that reveals how AI is rapidly accelerating the scale and polish of fraud.
Read Report →
Evofince: Fake Licenses, Template Infrastructure, and a Phantom Crypto Exchange
This investigation analyzes evofince.com, a cryptocurrency trading platform that presents itself as a high-volume digital asset exchange. Despite claims of regulatory licensing and years of operational history, domain records show the website was only registered in January 2026.
More Investigations
FineretCreditUnion.com: Credit Union Using Recycled Scam Infrastructure
A website claiming to be a legitimate credit union appears to be part of a template-based financial scam network designed to collect personal information and solicit fraudulent loan payments.
Spiderfoot.org: Google Search Mislabels an Unofficial SpiderFoot Site
An unofficial website appearing in search results for the SpiderFoot OSINT tool may be misleading users into downloading software through untrusted channels. Despite the site itself stating it is not affiliated with the official project, search engine AI summaries identify it as the legitimate source
Trisonet: A Public Awareness Report
Trisonet presents itself as a “Christian wealth community” promising divine prosperity through a digital asset called Gkwth—but our investigation reveals a far more troubling reality. Behind the religious branding and emotional appeals lies a classic pyramid scheme, requiring mandatory buy-ins and timed recruitment quotas disguised as “godly principles.”
AA4 Financial Services: An Investigation into a Rebranded Advance Fee Scam
Our investigation into AA4 Financial Services reveals that the company is operating under deceptive practices consistent with an advance fee scam. By analyzing domain history, company filings, and cloned website evidence, we found that AA4 is a rebranded version of a previous entity, ALS Financial Consultants. Their false representation of directors, hidden ownership, and use of elaborate financial promises are all strong indicators of fraud.
New Phishing Campaign Exploits Real Facebook Emails to Target Businesses
A new phishing campaign uncovered through InboxSpotter submissions abuses real Facebook infrastructure to target businesses and users with Facebook business profiles. Attackers disguise phishing URLs within legitimate Facebook notifications, even offering free advertising credit to lure victims into entering their credentials.
VerdantCharity
“Verdant Charity” is a gofundme type platform that allows users to create donation campaigns to raise money. These campaigns receive fake funding from bots or other manual methods that are systematically determined, then in order to “widthdraw” the funds, the victim needs to pay some sort of fee.