🎣 Following scammers with StalkPhish.io Using Telegram data collected by StalkPhish probes, it's possible to pivot from a single phishing to an entire threat actor's ecosystem: Attackers' poor OPSEC+the right tools = actionable intelligence. 🔗 Need help with an investigation? Visit stalkphish .io

Dans l'Aude, un artisan grave lui-même des petites séries de disques Vinyl et fait vivre son label musical international Hydden Crypt Records. Il lui fallu 2 ans d'attente pour obtenir la machine nécessaire, produite en très peu d'exemplaires. #Music 🎶 www.lindependant.fr/2025/12/29/e...

Hum... is it a crooks honeypot? What could goes wrong...

😅 digging into 10 days of scammers Telegram data stored into stalkphish.io DB... Gonna applied some filters!

Prochain Bière Sécu Rennes 🗓️ 27 janvier 2026 🕰️ 18h30 📍 Bloom Pop 🌐 bieresecu.bzh

4️⃣ figures to present the results of the work carried out by StalkPhish, dedicated to hunting down phishing, fraud, and those involved in these activities.

📣 ANNOUNCEMENT: we have reached the 2,100+ scanned ports milestone, at Internet scale with a weekly refresh rate. Next step: 5,000+ ports, weekly refresh. Then 10,000 by end of next year. We will be the competitor number 1 to @censys.bsky.social in 2026. #ASM #CTI #ASD

🚀 New @StalkPhish .io Plans. Try Free for 7 Days We're excited to announce two new subscription plans on StalkPhish .io, designed to better fit your phishing detection needs. ➡️ Starter : Ideal for your first steps in threat monitoring. ➡️ Researcher : Built for security researchers and power users.

✨️ Batch N°2️⃣5️⃣5️⃣ of PhishingKit Yara rules! ✨️ 👉️ Rules for triage/detection of #phishing kits targetings users/customers of: 📌 Netflix 📌 ANTAI 📌 Itaú Unibanco 📌 M&T Bank 📌 Nedbank This free and #OpenSource project is now 8️⃣7️⃣️5️⃣ Yara rules available! github.com/t4d/Phishing...

"Celui qui s'intéressait à Tinynuke" (honteuse auto promo) open.substack.com/pub/pwned/p/...

Les cybercriminels de ShinyHunters ont payé un salarié de Crowdstrike $25 000 pour avoir ses accès au réseau interne, à minima des captures d'écran 😨 www.bleepingcomputer.com/news/securit...

Thomas Damonneville explained yesterday on the french television evening news why the number of phishing sites pretending to be parcel delivery services would increase as the end-of-year festivities approached. Based on StalkPhish.io data.

💾 Here is an excerpt from the names of databases used by French scammers to target European citizens. These databases are consolidated and made available to their customers via Telegram bots for a few crypto-milli-coins to target victims more accurately and approach them with greater authority.

💡 #phishing investigation/monitoring use case for the StalkPhish.io API: ➡️ Use "ipv4" API endpoint to retrieve information about IP address hosting phishing pages (args: 223.29.226.200, from_date=2025-11-01&to_date=2025-11-09, extract)

Today, we’re excited to share details about the enhanced StalkPhish.io' #API that brings powerful search capabilities and real-time threat intelligence directly to your security workflows. stalkphish.com/2025/11/05/s... #phishing #scam #fraud

📝 Le marché des "fiches" en pleine expansion sur les réseaux d'arnaqueurs. 🧩 Tirées des fuites de données massives, ces "fiches" consolident, dans une même base de données, les informations personnelles de millions de français.e.s. ➡️ Plus d'information ici: stalkphish.com/2025/09/15/s...

☎️ Recrutement de "calleurs" lignes entrantes - bref, des conseillers, standardistes, ... - si vous n'avez les refs relisez notre post dédié à cette menace: stalkphish.com/2025/09/15/s... #phishing

🔥 Destiné à contourner les filtres anti-phishing, l'𝐀𝐏𝐏𝐄𝐋 𝐄𝐍𝐓𝐑𝐀𝐍𝐓 est une des transformations majeures du scam francophone ces derniers mois: pour créer un sentiment d'urgence, et même éviter d'avoir à déployer un site de #phishing! 👉 Lire notre dernier article: stalkphish.com/2025/09/15/s...

🔥 La désormais classique arnaque par SMS "bonjour vous etes chez vous?", destinée à: ➡️ appeler à engager l'échange ➡️ conditionner la potentielle victime à donner de l'information ➡️ router la victime vers une page de phishing dédiée à la récupération d'informations bancaires et personnelles

📢 Nouvel article sur le blog de @stalkphish.bsky.social "Smishing à la française, collection Automne-Hiver 2025-2026" 🔎 Nouvelles techniques et tactiques utilisées par les scammers francophones ces derniers mois. stalkphish.com/2025/09/15/s...

#Podcast #Cybersécurité Épisode #512 consacré à @stalkphish.bsky.social, avec @o0tad0o.bsky.social www.nolimitsecu.fr/stalkphish/

Merci l'équipe pour l'accueil!

✨ Batch N°2️⃣5️⃣0️⃣ of PhishingKit Yara rules! ✨ Rules for triage/detection/investigation on #phishing kits. This free and OpenSource project is now 8️⃣6️⃣0️⃣ Yara rules available! github.com/t4d/Phishing...

📢 New "workshop" section available on our GitHub repository. 🧩 Designed to publish the material presented during workshops, this repo is also an opportunity to replay these workshops yourself, at your own pace and when you have the time. 🔗 github.com/StalkPhish/w...

🍿 New blog post: From Phishing Detection to Anti-Fraud Investigation 📌 At StalkPhish, our core business includes, among other things, #phishing detection. [...] 🔧 This wealth of data naturally opens the door to #anti-fraud investigations of remarkable precision. stalkphish.com/2025/07/06/f...

🌖 The event continued late into the night with #workshops dedicated to OSINT techniques for tracing #cryptocurrencies, investigating #phishing and scams, led by Tanguy Laucournet and Thomas Damonneville (@stalkphish.bsky.social).

💡 Reminder: We will be running a workshop during leHACK, entitled “ Phishing detection and investigation with OSINT feeds and free softwares”. 🔧 W will focus on the use of open-source tools (StalkPhish-OSS, ClamAV, PhishingKit-Yara-rules, ...) 💥 Challenge accepted?

-Tracing cryptocurrencies with OSINT, led by Tanguy Laucournet from FuzzingLabs. - Detecting phishing campaigns through open-source data by @o0tad0o.bsky.social from @stalkphish.bsky.social

Mon petit résumé de cette vidéo (je vous conseille de sélectionner la langue originale, la version française est assez dure à écouter, cela devient comique).

🚀 There's now 850 phishing kit yara rules available on our free and opensource project: github.com/t4d/Phishing... #phishing #yara #opensource

😅 Fun fact: l'un des réseaux les plus utilisés pour héberger des sites de #phishing se faisant passer pour les organismes de l'Etat français se nomme: 49.3

See you during #botconf between tonight and friday 👋

✨ Batch N°2️⃣4️⃣1️⃣ of PhishingKit Yara rules! ✨ Rules for triage/detection of #phishing kits targetings users/customers of: 📌 ​​​​​​​American Express 📌 Cetelem 📌 FedEx 📌 Midland States Bank 📌 Royal Credit Union github.com/t4d/Phishing...

Very happy and proud that one of my "weekend research" has been exposed in an article from Le Monde. I had spent some time during my short unemployed period to dig into #Traffyque infrastructure. www.lemonde.fr/pixels/artic... #cybercrime #lemonde

✨ New batch of PhishingKit Yara rules Rules for triage/detection of #phishing kits targetings users/customers of: 📌 E-ZPass IAG 📌 Huntington National Bank 📌 Charles Schwab 📌 Avida Finans AB 📌 SFR github.com/t4d/Phishing...

Bon #ForumInCyber à toutes et tous!

✨ 5️⃣ new PhishingKit Yara rules! ✨ Rules for triage/detection of #phishing kits targetings users/customers of: 📌 Visa 📌 Telstra 📌 MBH Bank 📌 Alibaba Group 📌 CaixaBank Find more on our #Opensource #Freesoftware repository: github.com/t4d/Phishing...

On se voit là-bas :)

🚀 Hum, you know what? 📢 We've just reached 8️⃣0️⃣0️⃣ PhishingKit-Yara-Rules made freely available to everyone! ❓ These rules detect phishing kits targeting 3️⃣0️⃣0️⃣ of the world’s best-known brands and trade names. -> Check this: github.com/t4d/Phishing... #phishing #phishingkit #infosec #cyber

Signal, WhatsApp… Les sénateurs demandent une explosive backdoor dans les messageries chiffrées www.zdnet.fr/cybersecurit...

✨ New batch of PhishingKit Yara rules for 2025! ✨ Rules for triage/detection of phishing kits targeting users/customers of: 📌 Microsoft OneDrive 📌 Aramex 📌 Assurance Maladie 📌 Doctolib 📌 Generic email creds harvester (CN) 👉 Find these rules in our StalkPhish.io CTI product too!

Rares interventions, à écouter donc, de deux professionnels du droit qui suivent de près la cybercriminalité, le magistrat Guillaume Daieff et @matthieu-audibert.fr radio.amicus-curiae.net/podcast/hack...

Je me demande si Poutine se tâte à envahir les USA pour sauver ses habitants des nazis.

I was a bit bored this weekend... So here's a quick write-up on how I pivoted from one single SMS to more than 900 fraudulent phishing websites impersonating different brand such as @netflix.com and more. www.linkedin.com/posts/cperne... #cybercrime #phishing

✨ Second batch of PhishingKit Yara rules for 2025! ✨ Rules for triage/detection of #phishing kits: 📌 AT&T 📌 PayPal 📌 SumUp 📌 SBB CFF FFS (SwissPass) 📌 Indonesiabaik.id This free and #OpenSource project is now: ✅ 7️⃣8️⃣7️⃣ Yara rules available! ✅ 2️⃣3️⃣0️⃣ Commits ✅ 5️⃣ years old -> github.com/t4d/Phishing...

New blog post: [Phishing kit] MonCompteFormation ‘Lead’ phishing kit – an analysis stalkphish.com/2025/01/17/p...

Celle qui avait découvert un malware fascinant #babar open.substack.com/pub/pwned/p/...

🚨📡 Don't miss the early bird rate for Hardwear.io's RF Hacking Advanced Training! 💥 Secure your spot now! 🚀 Details: https://buff.ly/4fw9dKe #HardwearIO #RfHacking #CyberSecurity

[French] Analyse d'un kit de #phishing MonCompteFormation (CPF) avec l'aide de stalkphish.io:: www.linkedin.com/pulse/analys...

Le jour où j'ai un doute sur un appel/visio potentiellement 'fake' par une IA, je fais chanter Titanic de C. Dion par mon interlocuteur.ice, jserai curieux de voir si ça déclenche quelque chose, au pire j'aurai bien rigolé :)