Block Savvy Seahorse fake investment scams #461
Labels
Code Update 🔔
Code Update
enhancement 👍
New feature or request
FINSIHED
Priority: Medium
Testing - Passed
Enhancement idea
Savvy Seahorse fake investment scams.
Description
The actor, known as Savvy Seahorse, employs DNS CNAME records to set up a traffic distribution system (TDS) for their fraudulent schemes. These campaigns involve using fake ChatGPT and WhatsApp bots to lure victims into fake investment opportunities, targeting individuals speaking various languages. Savvy Seahorse's operations have been ongoing since at least August 2021 and are primarily conducted through Facebook advertisements.
Links
https://blogs.infoblox.com/cyber-threat-intelligence/beware-the-shallow-waters-savvy-seahorse-lures-victims-to-fake-investment-platforms-through-facebook-ads/
https://github.com/infobloxopen/threat-intelligence/blob/main/indicators/csv/savvy_seahorse_20240228_iocs.csv
IOC
I2P websites
n/a
IPFS websites
n/a
Tor2web websites
n/a
TOR websites
n/a
URLs
n/a
Folders
n/a
Sub-Domains
n/a
Domains
IPs
n/a
Emails
n/a
Wallet addresses
n/a
Mining pool addresses
n/a