Cybersecurity Reach Foundation

Investigations & Reports

In-depth analyses of scams, vulnerabilities, and emerging threats — so you know what's out there and how to stay protected.

Featured

ALERT: SpiderFoot Scam Resurfaced on spiderrfoot.com

The misleading SpiderFoot distribution site we previously investigated on spiderfoot[.]org has now appeared on a second domain: spiderrfoot[.]com. Because SpiderFoot has no official website, any domain can be mistaken for the real thing.

Read Full Report →
ALERT: SpiderFoot Scam Resurfaced on spiderrfoot.com

Rixav.sbs: A Crypto Wallet Phishing Site

rixav.sbs impersonates a wallet recovery service to trick users into entering their seed phrases and private keys. This report documents how the scam works, what the site does with your credentials, and why any wallet that touched it should be considered compromised.

by Pammi Balani
Read Report →
Rixav.sbs: A Crypto Wallet Phishing Site

The Fake Parking Ticket Scam Hitting NYC Phones — and the AI-Powered Machine Behind It

Thousands of New Yorkers are receiving texts with an official-looking court notice and a QR code. We scanned it. What we found is a same-day-deployed, Chinese-linked smishing operation that reveals how AI is rapidly accelerating the scale and polish of fraud.

Read Report →
The Fake Parking Ticket Scam Hitting NYC Phones — and the AI-Powered Machine Behind It

Evofince: Fake Licenses, Template Infrastructure, and a Phantom Crypto Exchange

This investigation analyzes evofince.com, a cryptocurrency trading platform that presents itself as a high-volume digital asset exchange. Despite claims of regulatory licensing and years of operational history, domain records show the website was only registered in January 2026.

by Tenzin Phuntsok
Read Report →
Evofince: Fake Licenses, Template Infrastructure, and a Phantom Crypto Exchange

More Investigations

FineretCreditUnion.com: Credit Union Using Recycled Scam Infrastructure

FineretCreditUnion.com: Credit Union Using Recycled Scam Infrastructure

A website claiming to be a legitimate credit union appears to be part of a template-based financial scam network designed to collect personal information and solicit fraudulent loan payments.

by Matthew Sweet
Spiderfoot.org: Google Search Mislabels an Unofficial SpiderFoot Site

Spiderfoot.org: Google Search Mislabels an Unofficial SpiderFoot Site

An unofficial website appearing in search results for the SpiderFoot OSINT tool may be misleading users into downloading software through untrusted channels. Despite the site itself stating it is not affiliated with the official project, search engine AI summaries identify it as the legitimate source

by Pammi Balani
Trisonet: A Public Awareness Report

Trisonet: A Public Awareness Report

Trisonet presents itself as a “Christian wealth community” promising divine prosperity through a digital asset called Gkwth—but our investigation reveals a far more troubling reality. Behind the religious branding and emotional appeals lies a classic pyramid scheme, requiring mandatory buy-ins and timed recruitment quotas disguised as “godly principles.”

AA4 Financial Services: An Investigation into a Rebranded Advance Fee Scam

AA4 Financial Services: An Investigation into a Rebranded Advance Fee Scam

Our investigation into AA4 Financial Services reveals that the company is operating under deceptive practices consistent with an advance fee scam. By analyzing domain history, company filings, and cloned website evidence, we found that AA4 is a rebranded version of a previous entity, ALS Financial Consultants. Their false representation of directors, hidden ownership, and use of elaborate financial promises are all strong indicators of fraud.

New Phishing Campaign Exploits Real Facebook Emails to Target Businesses

New Phishing Campaign Exploits Real Facebook Emails to Target Businesses

A new phishing campaign uncovered through InboxSpotter submissions abuses real Facebook infrastructure to target businesses and users with Facebook business profiles. Attackers disguise phishing URLs within legitimate Facebook notifications, even offering free advertising credit to lure victims into entering their credentials.

VerdantCharity

VerdantCharity

“Verdant Charity” is a gofundme type platform that allows users to create donation campaigns to raise money. These campaigns receive fake funding from bots or other manual methods that are systematically determined, then in order to “widthdraw” the funds, the victim needs to pay some sort of fee.