NEWLY-REGISTERED DOMAINS FOR 2024 US PRESIDENTIAL ELECTION SCAMS

    Date: 10/29/2024

    Severity: Medium

    Summary

    The report "Newly-Registered Domains for 2024 US Presidential Election Scams" discusses the increase in domain registrations related to election scams as the 2024 US elections approach. These scams target supporters of both major presidential candidates and include cryptocurrency fraud, donation phishing, and fake shopping websites. The report provides six specific examples of these deceptive sites, highlighting the urgent need for awareness and caution among voters.

    Indicators of Compromise (IOC) List

    URL/Domains

    kamala6900.site

    kamala-haris.com

    kalamityharris.shop

    trump2024eth.vip

    trump47president.xyz

    trumpusa.vip

    Gurucul Threat Detection and Incident Response (TDIR) Queries for Detection

    Detection Query 1

    userdomainname like "kamala6900.site" or url like "kamala6900.site" or userdomainname like "kamala-haris.com" or url like "kamala-haris.com" or userdomainname like "kalamityharris.shop" or url like "kalamityharris.shop" or userdomainname like "trump2024eth.vip" or url like "trump2024eth.vip" or userdomainname like "trump47president.xyz" or url like "trump47president.xyz" or userdomainname like "trumpusa.vip" or url like "trumpusa.vip"

    Reference: 

    https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2024-10-29-IOCs-for-US-election-scams.txt   


    Tags

    MalwarePhishingDomain SpoofingCryptocurrency Scams

    « Previous ArticleNext Article »

    Comments

    No records to display

    Looking for Something?
    Threat Research Categories:
    Tags