Reconnecting to live updates…

Over 2,000 Holiday-Themed Fake Stores Detected Exploiting Black Friday and Festive Sales

Severity: mediumType: campaign

Ahead of Black Friday and festive sales, over 2,000 holiday-themed fake online stores have been detected, organized into two main clusters. These sites impersonate major retailers like Amazon and use uniform holiday banners, fake trust indicators, and phishing kits to deceive shoppers. They employ urgency tactics and fake checkout pages to steal sensitive financial information. The scams are timed to activate during peak shopping periods to maximize victim traffic and financial theft. This campaign leverages social engineering, typosquatting, and e-commerce impersonation to exploit consumer trust during high-volume shopping events. Although no direct exploits target software vulnerabilities, the threat poses significant risks to consumers and indirectly to organizations handling payment and customer data. European organizations involved in e-commerce, payment processing, and consumer protection are particularly at risk. Mitigation requires proactive detection of fraudulent domains, consumer awareness campaigns, and enhanced monitoring of payment fraud. Countries with high e-commerce adoption and large consumer markets are most likely affected. The threat severity is assessed as high due to the potential financial impact and widespread exposure without requiring user authentication but relying on user interaction.

AI Analysis

Technical Summary

This threat involves a large-scale phishing campaign exploiting the holiday shopping season, specifically Black Friday and other festive sales periods. Two main clusters of fake online stores have been identified: one with over 750 interconnected sites impersonating Amazon and using consistent holiday-themed banners and misleading trust indicators, and another cluster within a .shop domain ecosystem mimicking well-known consumer brands. These fraudulent sites deploy identical phishing kits that include fake urgency tactics such as countdown timers and limited-time offers, designed to pressure victims into quick decisions. The checkout pages are shell pages that capture sensitive financial data like credit card details and personal information. The campaign leverages social engineering techniques, typosquatting to create deceptive domain names, and e-commerce impersonation to appear legitimate. The timing of activation during peak shopping periods maximizes victim exposure and transaction volume. While no software vulnerabilities are exploited, the threat targets human factors and trust mechanisms, making it a significant vector for financial data theft. The campaign's scale and sophistication indicate organized efforts to exploit consumer behavior during high-traffic sales events. The lack of known exploits in the wild refers to software vulnerabilities, but the phishing kits themselves are actively used to harvest data. The threat is medium severity per initial classification but considering the broad impact and potential financial losses, a higher severity rating is justified. The campaign affects the confidentiality of financial data and the integrity of consumer trust, with availability not directly impacted. No authentication is required for victims, but user interaction is essential for exploitation.

Potential Impact

European organizations face multiple impacts from this threat. E-commerce platforms and payment processors may experience increased fraudulent transactions, chargebacks, and reputational damage due to association with fake stores. Financial institutions could see a rise in compromised accounts and fraudulent payments originating from stolen data. Consumer trust in legitimate online retailers may decline, especially during critical sales periods, affecting overall market confidence. Regulatory bodies in Europe, under GDPR and PSD2, may impose penalties if organizations fail to protect consumer data or detect fraudulent activities promptly. Additionally, consumer protection agencies may be burdened with increased complaints and investigations. The indirect impact on supply chains and logistics providers could arise from disrupted orders and customer dissatisfaction. The threat also poses risks to cybersecurity teams tasked with monitoring and mitigating phishing campaigns targeting European customers. Overall, the financial and reputational consequences could be significant, especially in countries with high e-commerce penetration and large consumer bases.

Mitigation Recommendations

To mitigate this threat, European organizations should implement advanced domain monitoring and threat intelligence solutions to detect and block access to known fake store domains, especially those mimicking their brands. Deploying real-time URL filtering and anti-phishing technologies at network and endpoint levels can reduce user exposure. Consumer education campaigns timed before peak shopping seasons should raise awareness about fake stores, emphasizing verification of URLs and caution with urgent offers. Payment processors should enhance fraud detection algorithms to identify suspicious transactions linked to these phishing sites. Collaboration with domain registrars and hosting providers to take down fraudulent domains swiftly is critical. Organizations should also monitor social media and advertising platforms for fake promotions linked to these scams. Multi-factor authentication and transaction verification mechanisms can reduce the impact of stolen credentials. Finally, incident response plans should include procedures for addressing phishing campaigns and communicating with affected customers promptly to minimize damage.

Affected Countries

United Kingdom, Germany, France, Netherlands, Italy, Spain, Sweden, Belgium, Poland, Ireland

Indicators of Compromise

hash: 095a3ebc77f4e46b3adda543b61d90b7d3f20b41532c07772edd31908d060bb2
domain: 8bitdosafe.shop
domain: aetnasafe.shop
domain: ahavasafe.shop
domain: aiwasafe.shop
domain: akitassafe.shop
domain: akkosafe.shop
domain: alintorsafe.shop
domain: allegracesafe.shop
domain: allterrainsafe.shop
domain: alovesafe.shop
domain: alpakaonline.shop
domain: alpensattelus.shop
domain: amaboxreturns.com
domain: amazfitsafe.shop
domain: amazonamazonbasicsonline.shop
domain: amazonshome.com
domain: amdsafe.shop
domain: americansafe.shop
domain: apremiumsafe.shop
domain: aqarasafe.shop
domain: aquafreshsafe.shop
domain: armitronsafe.shop
domain: arrissafe.shop
domain: arussafe.shop
domain: ascotsafe.shop
domain: aspectsafe.shop
domain: astroaisafe.shop
domain: atarisafe.shop
domain: atasus.shop
domain: atomysafe.shop
domain: atoztreasure.com
domain: atuvossafe.shop
domain: avantreesafe.shop
domain: avedasafe.shop
domain: avengerssafe.shop
domain: awarasafe.shop
domain: ayeshasafe.shop
domain: babygosafe.shop
domain: babylisssafe.shop
domain: babymoovsafe.shop
domain: badensafe.shop
domain: badusafe.shop
domain: bahcosafe.shop
domain: balancesafe.shop
domain: banquetfast.shop
domain: banquetusabst.shop
domain: barberbosssafe.shop
domain: barcosafe.shop
domain: barneysafe.shop
domain: baronsafe.shop
domain: bboxsalede.shop
domain: bcwsafe.shop
domain: beelinksafe.shop
domain: bellavitasafe.shop
domain: benadrylsafe.shop
domain: benfeisafe.shop
domain: berkshirestore.shop
domain: bernysafe.shop
domain: besteksafe.shop
domain: bestronsafe.shop
domain: bestwaysafe.shop
domain: bett1safe.shop
domain: beyerdynamicsafe.shop
domain: bhcosmeticssafe.shop
domain: bianyosafe.shop
domain: biggamesafe.shop
domain: biibsafe.shop
domain: billblasssafe.shop
domain: billiesales.shop
domain: billieusbst.shop
domain: bionairestore.shop
domain: bizzysafe.shop
domain: blackburnsafe.shop
domain: blackbutterflysafe.shop
domain: blackflagsafe.shop
domain: blackstonesafe.shop
domain: blindscontrol.shop
domain: blinksafe.shop
domain: blossomsafe.shop
domain: blueboxstore.shop
domain: bluemoonsafe.shop
domain: blueorangesafe.shop
domain: bluepetsafe.shop
domain: bluettisafe.shop
domain: bluewavesafe.shop
domain: bluntsafe.shop
domain: boaosafe.shop
domain: bodegasafe.shop
domain: bodhisafe.shop
domain: bodisafe.shop
domain: bodyguardsafe.shop
domain: bonessafe.shop
domain: bonidesafe.shop
domain: bonsafe.shop
domain: bontecsafe.shop
domain: borosafe.shop
domain: boxercraftsafe.shop
domain: bradleysafe.shop
domain: brandname-safe.shop
domain: bravensafe.shop
domain: brennenstuhlsafe.shop
domain: bricosafe.shop
domain: bridgestonesafe.shop
domain: brpsafe.shop
domain: brynsafe.shop
domain: bsnsafe.shop
domain: btfbmsafe.shop
domain: bublysafe.shop
domain: bubssafe.shop
domain: buglessaleus.shop
domain: bulovasafe.shop
domain: buoysafe.shop
domain: burstsafe.shop
domain: busybeesafe.shop
domain: busysafe.shop
domain: butterfingersafe.shop
domain: bwesafe.shop
domain: bybenyarsafe.shop
domain: camechosafe.shop
domain: capturesafe.shop
domain: careallsafe.shop
domain: carnivalsafe.shop
domain: cartmansafe.shop
domain: cosrxus.shop
domain: diadorasafe.shop
domain: fiiosafe.shop
domain: flipclock.blackfriday
domain: flipclock.christmas
domain: fujifilmsafe.shop
domain: fujitsusafe.shop
domain: garminsafe.shop
domain: georgmat.com
domain: gotraxsafe.shop
domain: hpksafe.shop
domain: jomalonesafe.shop
domain: kenwoodsafe.shop
domain: meetionsafe.shop
domain: omronsafe.shop
domain: paulaschoicefast.shop
domain: rarebeautysafe.shop
domain: samsungsafe.shop
domain: seagatesafe.shop
domain: sharksafe.shop
domain: skhynixsafe.shop
domain: snapplesales.shop
domain: sunnysideupbakerysale.shop
domain: timhortonssafe.shop
domain: viomisafe.shop
domain: westerndigitalsafe.shop
domain: xiaomidea.shop
domain: yalesafe.shop
domain: samsunghugesale.shop
domain: www.amaboxhub.com
domain: www.amaboxmarket.com
domain: www.amaboxmarketplus.com
domain: www.amaboxmarkets.com
domain: www.amaboxpallet.com
domain: www.amabxestore.com
domain: www.amafastsale.com
domain: www.amaluckybox.com
domain: www.amaluckybx.com
domain: www.amanpalets.com
domain: www.amanwarehouse.com
domain: www.amapalettes.com
domain: www.amapalletmarket.com
domain: www.amapalletmarkets.com
domain: www.amapalletsales.com
domain: www.amapalletsreturn.com
domain: www.amastorages.com
domain: www.amasuprisepallet.com
domain: www.amawarehousebox.com
domain: www.amawarehousesale.com
domain: www.amawarehousex.com
domain: www.amawhsepallets.com
domain: www.amaxboxsalex.com
domain: www.amazboxde.com
domain: www.amazgeheimnisbox.com
domain: www.amazhotsales.com
domain: www.amaznboxsaleus.com
domain: www.amaznbxstore.com
domain: www.amaznsalepallets.com
domain: www.amaznsbigsale.com
domain: www.amaznshop.com
domain: www.amaznsliquidation.com
domain: www.amazonpalletrush.com
domain: www.amazonreturnsbox.com
domain: www.amazpalette.com
domain: www.amazpalletsgift.com
domain: www.amazrpallets.com
domain: www.amazsaleboxus.com
domain: www.amazsalepalletus.com
domain: www.amazusboxes.com
domain: www.amazxpallets.com
domain: www.amzelectronicbox.com
domain: www.amzglobalpallets.com
domain: www.amzliquidationpallet.com
domain: www.amznbigsale.com
domain: www.amznboxsales.com
domain: www.amznpallet.com
domain: www.amznpalletmarket.com
domain: www.amznreturnsale.com
domain: www.amznsliquidation.com
domain: www.amznsmysterybox.com
domain: www.amzonboxshop.com
domain: www.amzonpaletten.com
domain: www.amzpaletten.com
domain: www.amzpalletliquidation.com
domain: www.amzreturenbox.com
domain: www.amzreturn.com
domain: www.amzreturnpallet.com
domain: www.georgmat.com
domain: www.hiwoji.com
domain: www.howokin.com
domain: www.hwujo.com
domain: www.kinwony.com
domain: www.loyoyi.com
domain: www.pasony.com
domain: www.qinsony.com
domain: www.qiotong.com
domain: www.sintayo.com
domain: www.thewonsel.com
domain: www.tisuny.com

Over 2,000 Holiday-Themed Fake Stores Detected Exploiting Black Friday and Festive Sales

Severity: medium

Type: campaign

Technical Summary

Potential Impact

Mitigation Recommendations

Affected Countries

United Kingdom, Germany, France, Netherlands, Italy, Spain, Sweden, Belgium, Poland, Ireland

Indicators of Compromise

hash: 095a3ebc77f4e46b3adda543b61d90b7d3f20b41532c07772edd31908d060bb2
domain: 8bitdosafe.shop
domain: aetnasafe.shop
domain: ahavasafe.shop
domain: aiwasafe.shop
domain: akitassafe.shop
domain: akkosafe.shop
domain: alintorsafe.shop
domain: allegracesafe.shop
domain: allterrainsafe.shop
domain: alovesafe.shop
domain: alpakaonline.shop
domain: alpensattelus.shop
domain: amaboxreturns.com
domain: amazfitsafe.shop
domain: amazonamazonbasicsonline.shop
domain: amazonshome.com
domain: amdsafe.shop
domain: americansafe.shop
domain: apremiumsafe.shop
domain: aqarasafe.shop
domain: aquafreshsafe.shop
domain: armitronsafe.shop
domain: arrissafe.shop
domain: arussafe.shop
domain: ascotsafe.shop
domain: aspectsafe.shop
domain: astroaisafe.shop
domain: atarisafe.shop
domain: atasus.shop
domain: atomysafe.shop
domain: atoztreasure.com
domain: atuvossafe.shop
domain: avantreesafe.shop
domain: avedasafe.shop
domain: avengerssafe.shop
domain: awarasafe.shop
domain: ayeshasafe.shop
domain: babygosafe.shop
domain: babylisssafe.shop
domain: babymoovsafe.shop
domain: badensafe.shop
domain: badusafe.shop
domain: bahcosafe.shop
domain: balancesafe.shop
domain: banquetfast.shop
domain: banquetusabst.shop
domain: barberbosssafe.shop
domain: barcosafe.shop
domain: barneysafe.shop
domain: baronsafe.shop
domain: bboxsalede.shop
domain: bcwsafe.shop
domain: beelinksafe.shop
domain: bellavitasafe.shop
domain: benadrylsafe.shop
domain: benfeisafe.shop
domain: berkshirestore.shop
domain: bernysafe.shop
domain: besteksafe.shop
domain: bestronsafe.shop
domain: bestwaysafe.shop
domain: bett1safe.shop
domain: beyerdynamicsafe.shop
domain: bhcosmeticssafe.shop
domain: bianyosafe.shop
domain: biggamesafe.shop
domain: biibsafe.shop
domain: billblasssafe.shop
domain: billiesales.shop
domain: billieusbst.shop
domain: bionairestore.shop
domain: bizzysafe.shop
domain: blackburnsafe.shop
domain: blackbutterflysafe.shop
domain: blackflagsafe.shop
domain: blackstonesafe.shop
domain: blindscontrol.shop
domain: blinksafe.shop
domain: blossomsafe.shop
domain: blueboxstore.shop
domain: bluemoonsafe.shop
domain: blueorangesafe.shop
domain: bluepetsafe.shop
domain: bluettisafe.shop
domain: bluewavesafe.shop
domain: bluntsafe.shop
domain: boaosafe.shop
domain: bodegasafe.shop
domain: bodhisafe.shop
domain: bodisafe.shop
domain: bodyguardsafe.shop
domain: bonessafe.shop
domain: bonidesafe.shop
domain: bonsafe.shop
domain: bontecsafe.shop
domain: borosafe.shop
domain: boxercraftsafe.shop
domain: bradleysafe.shop
domain: brandname-safe.shop
domain: bravensafe.shop
domain: brennenstuhlsafe.shop
domain: bricosafe.shop
domain: bridgestonesafe.shop
domain: brpsafe.shop
domain: brynsafe.shop
domain: bsnsafe.shop
domain: btfbmsafe.shop
domain: bublysafe.shop
domain: bubssafe.shop
domain: buglessaleus.shop
domain: bulovasafe.shop
domain: buoysafe.shop
domain: burstsafe.shop
domain: busybeesafe.shop
domain: busysafe.shop
domain: butterfingersafe.shop
domain: bwesafe.shop
domain: bybenyarsafe.shop
domain: camechosafe.shop
domain: capturesafe.shop
domain: careallsafe.shop
domain: carnivalsafe.shop
domain: cartmansafe.shop
domain: cosrxus.shop
domain: diadorasafe.shop
domain: fiiosafe.shop
domain: flipclock.blackfriday
domain: flipclock.christmas
domain: fujifilmsafe.shop
domain: fujitsusafe.shop
domain: garminsafe.shop
domain: georgmat.com
domain: gotraxsafe.shop
domain: hpksafe.shop
domain: jomalonesafe.shop
domain: kenwoodsafe.shop
domain: meetionsafe.shop
domain: omronsafe.shop
domain: paulaschoicefast.shop
domain: rarebeautysafe.shop
domain: samsungsafe.shop
domain: seagatesafe.shop
domain: sharksafe.shop
domain: skhynixsafe.shop
domain: snapplesales.shop
domain: sunnysideupbakerysale.shop
domain: timhortonssafe.shop
domain: viomisafe.shop
domain: westerndigitalsafe.shop
domain: xiaomidea.shop
domain: yalesafe.shop
domain: samsunghugesale.shop
domain: www.amaboxhub.com
domain: www.amaboxmarket.com
domain: www.amaboxmarketplus.com
domain: www.amaboxmarkets.com
domain: www.amaboxpallet.com
domain: www.amabxestore.com
domain: www.amafastsale.com
domain: www.amaluckybox.com
domain: www.amaluckybx.com
domain: www.amanpalets.com
domain: www.amanwarehouse.com
domain: www.amapalettes.com
domain: www.amapalletmarket.com
domain: www.amapalletmarkets.com
domain: www.amapalletsales.com
domain: www.amapalletsreturn.com
domain: www.amastorages.com
domain: www.amasuprisepallet.com
domain: www.amawarehousebox.com
domain: www.amawarehousesale.com
domain: www.amawarehousex.com
domain: www.amawhsepallets.com
domain: www.amaxboxsalex.com
domain: www.amazboxde.com
domain: www.amazgeheimnisbox.com
domain: www.amazhotsales.com
domain: www.amaznboxsaleus.com
domain: www.amaznbxstore.com
domain: www.amaznsalepallets.com
domain: www.amaznsbigsale.com
domain: www.amaznshop.com
domain: www.amaznsliquidation.com
domain: www.amazonpalletrush.com
domain: www.amazonreturnsbox.com
domain: www.amazpalette.com
domain: www.amazpalletsgift.com
domain: www.amazrpallets.com
domain: www.amazsaleboxus.com
domain: www.amazsalepalletus.com
domain: www.amazusboxes.com
domain: www.amazxpallets.com
domain: www.amzelectronicbox.com
domain: www.amzglobalpallets.com
domain: www.amzliquidationpallet.com
domain: www.amznbigsale.com
domain: www.amznboxsales.com
domain: www.amznpallet.com
domain: www.amznpalletmarket.com
domain: www.amznreturnsale.com
domain: www.amznsliquidation.com
domain: www.amznsmysterybox.com
domain: www.amzonboxshop.com
domain: www.amzonpaletten.com
domain: www.amzpaletten.com
domain: www.amzpalletliquidation.com
domain: www.amzreturenbox.com
domain: www.amzreturn.com
domain: www.amzreturnpallet.com
domain: www.georgmat.com
domain: www.hiwoji.com
domain: www.howokin.com
domain: www.hwujo.com
domain: www.kinwony.com
domain: www.loyoyi.com
domain: www.pasony.com
domain: www.qinsony.com
domain: www.qiotong.com
domain: www.sintayo.com
domain: www.thewonsel.com
domain: www.tisuny.com

Source: AlienVault OTX General

Published: Thu Nov 27 2025

Over 2,000 Holiday-Themed Fake Stores Detected Exploiting Black Friday and Festive Sales

Medium

Campaignsocial engineering fake online stores phishing typosquatting holiday shopping fraud black friday scams financial data theft e-commerce impersonation t1583.002 t1566.002 t1608.001 t1583.001 t1185 t1608.005 t1528 t1071.001 t1204.001 t1566.003

Published: Thu Nov 27 2025 (11/27/2025, 19:04:42 UTC)

Source: AlienVault OTX General

Description

AI-Powered Analysis

AILast updated: 11/28/2025, 09:07:14 UTC

Technical Analysis

Potential Impact

Mitigation Recommendations

Affected Countries

Need more detailed analysis?Get Pro

Pro Feature

For access to advanced analysis and higher rate limits, contact root@offseq.com

Technical Details

Author: AlienVault
Tlp: white
References: ["https://www.cloudsek.com/blog/cloudsek-detects-over-2-000-holiday-themed-fake-stores-exploiting-black-friday-and-festive-sales"]
Adversary: null
Pulse Id: 6928a0ca4226eefa5410be43
Threat Score: null

Indicators of Compromise

Hash

Value	Description	Copy
hash095a3ebc77f4e46b3adda543b61d90b7d3f20b41532c07772edd31908d060bb2	—

Domain

Value	Description	Copy
domain8bitdosafe.shop	—
domainaetnasafe.shop	—
domainahavasafe.shop	—
domainaiwasafe.shop	—
domainakitassafe.shop	—
domainakkosafe.shop	—
domainalintorsafe.shop	—
domainallegracesafe.shop	—
domainallterrainsafe.shop	—
domainalovesafe.shop	—
domainalpakaonline.shop	—
domainalpensattelus.shop	—
domainamaboxreturns.com	—
domainamazfitsafe.shop	—
domainamazonamazonbasicsonline.shop	—
domainamazonshome.com	—
domainamdsafe.shop	—
domainamericansafe.shop	—
domainapremiumsafe.shop	—
domainaqarasafe.shop	—
domainaquafreshsafe.shop	—
domainarmitronsafe.shop	—
domainarrissafe.shop	—
domainarussafe.shop	—
domainascotsafe.shop	—
domainaspectsafe.shop	—
domainastroaisafe.shop	—
domainatarisafe.shop	—
domainatasus.shop	—
domainatomysafe.shop	—
domainatoztreasure.com	—
domainatuvossafe.shop	—
domainavantreesafe.shop	—
domainavedasafe.shop	—
domainavengerssafe.shop	—
domainawarasafe.shop	—
domainayeshasafe.shop	—
domainbabygosafe.shop	—
domainbabylisssafe.shop	—
domainbabymoovsafe.shop	—
domainbadensafe.shop	—
domainbadusafe.shop	—
domainbahcosafe.shop	—
domainbalancesafe.shop	—
domainbanquetfast.shop	—
domainbanquetusabst.shop	—
domainbarberbosssafe.shop	—
domainbarcosafe.shop	—
domainbarneysafe.shop	—
domainbaronsafe.shop	—
domainbboxsalede.shop	—
domainbcwsafe.shop	—
domainbeelinksafe.shop	—
domainbellavitasafe.shop	—
domainbenadrylsafe.shop	—
domainbenfeisafe.shop	—
domainberkshirestore.shop	—
domainbernysafe.shop	—
domainbesteksafe.shop	—
domainbestronsafe.shop	—
domainbestwaysafe.shop	—
domainbett1safe.shop	—
domainbeyerdynamicsafe.shop	—
domainbhcosmeticssafe.shop	—
domainbianyosafe.shop	—
domainbiggamesafe.shop	—
domainbiibsafe.shop	—
domainbillblasssafe.shop	—
domainbilliesales.shop	—
domainbillieusbst.shop	—
domainbionairestore.shop	—
domainbizzysafe.shop	—
domainblackburnsafe.shop	—
domainblackbutterflysafe.shop	—
domainblackflagsafe.shop	—
domainblackstonesafe.shop	—
domainblindscontrol.shop	—
domainblinksafe.shop	—
domainblossomsafe.shop	—
domainblueboxstore.shop	—
domainbluemoonsafe.shop	—
domainblueorangesafe.shop	—
domainbluepetsafe.shop	—
domainbluettisafe.shop	—
domainbluewavesafe.shop	—
domainbluntsafe.shop	—
domainboaosafe.shop	—
domainbodegasafe.shop	—
domainbodhisafe.shop	—
domainbodisafe.shop	—
domainbodyguardsafe.shop	—
domainbonessafe.shop	—
domainbonidesafe.shop	—
domainbonsafe.shop	—
domainbontecsafe.shop	—
domainborosafe.shop	—
domainboxercraftsafe.shop	—
domainbradleysafe.shop	—
domainbrandname-safe.shop	—
domainbravensafe.shop	—
domainbrennenstuhlsafe.shop	—
domainbricosafe.shop	—
domainbridgestonesafe.shop	—
domainbrpsafe.shop	—
domainbrynsafe.shop	—
domainbsnsafe.shop	—
domainbtfbmsafe.shop	—
domainbublysafe.shop	—
domainbubssafe.shop	—
domainbuglessaleus.shop	—
domainbulovasafe.shop	—
domainbuoysafe.shop	—
domainburstsafe.shop	—
domainbusybeesafe.shop	—
domainbusysafe.shop	—
domainbutterfingersafe.shop	—
domainbwesafe.shop	—
domainbybenyarsafe.shop	—
domaincamechosafe.shop	—
domaincapturesafe.shop	—
domaincareallsafe.shop	—
domaincarnivalsafe.shop	—
domaincartmansafe.shop	—
domaincosrxus.shop	—
domaindiadorasafe.shop	—
domainfiiosafe.shop	—
domainflipclock.blackfriday	—
domainflipclock.christmas	—
domainfujifilmsafe.shop	—
domainfujitsusafe.shop	—
domaingarminsafe.shop	—
domaingeorgmat.com	—
domaingotraxsafe.shop	—
domainhpksafe.shop	—
domainjomalonesafe.shop	—
domainkenwoodsafe.shop	—
domainmeetionsafe.shop	—
domainomronsafe.shop	—
domainpaulaschoicefast.shop	—
domainrarebeautysafe.shop	—
domainsamsungsafe.shop	—
domainseagatesafe.shop	—
domainsharksafe.shop	—
domainskhynixsafe.shop	—
domainsnapplesales.shop	—
domainsunnysideupbakerysale.shop	—
domaintimhortonssafe.shop	—
domainviomisafe.shop	—
domainwesterndigitalsafe.shop	—
domainxiaomidea.shop	—
domainyalesafe.shop	—
domainsamsunghugesale.shop	—
domainwww.amaboxhub.com	—
domainwww.amaboxmarket.com	—
domainwww.amaboxmarketplus.com	—
domainwww.amaboxmarkets.com	—
domainwww.amaboxpallet.com	—
domainwww.amabxestore.com	—
domainwww.amafastsale.com	—
domainwww.amaluckybox.com	—
domainwww.amaluckybx.com	—
domainwww.amanpalets.com	—
domainwww.amanwarehouse.com	—
domainwww.amapalettes.com	—
domainwww.amapalletmarket.com	—
domainwww.amapalletmarkets.com	—
domainwww.amapalletsales.com	—
domainwww.amapalletsreturn.com	—
domainwww.amastorages.com	—
domainwww.amasuprisepallet.com	—
domainwww.amawarehousebox.com	—
domainwww.amawarehousesale.com	—
domainwww.amawarehousex.com	—
domainwww.amawhsepallets.com	—
domainwww.amaxboxsalex.com	—
domainwww.amazboxde.com	—
domainwww.amazgeheimnisbox.com	—
domainwww.amazhotsales.com	—
domainwww.amaznboxsaleus.com	—
domainwww.amaznbxstore.com	—
domainwww.amaznsalepallets.com	—
domainwww.amaznsbigsale.com	—
domainwww.amaznshop.com	—
domainwww.amaznsliquidation.com	—
domainwww.amazonpalletrush.com	—
domainwww.amazonreturnsbox.com	—
domainwww.amazpalette.com	—
domainwww.amazpalletsgift.com	—
domainwww.amazrpallets.com	—
domainwww.amazsaleboxus.com	—
domainwww.amazsalepalletus.com	—
domainwww.amazusboxes.com	—
domainwww.amazxpallets.com	—
domainwww.amzelectronicbox.com	—
domainwww.amzglobalpallets.com	—
domainwww.amzliquidationpallet.com	—
domainwww.amznbigsale.com	—
domainwww.amznboxsales.com	—
domainwww.amznpallet.com	—
domainwww.amznpalletmarket.com	—
domainwww.amznreturnsale.com	—
domainwww.amznsliquidation.com	—
domainwww.amznsmysterybox.com	—
domainwww.amzonboxshop.com	—
domainwww.amzonpaletten.com	—
domainwww.amzpaletten.com	—
domainwww.amzpalletliquidation.com	—
domainwww.amzreturenbox.com	—
domainwww.amzreturn.com	—
domainwww.amzreturnpallet.com	—
domainwww.georgmat.com	—
domainwww.hiwoji.com	—
domainwww.howokin.com	—
domainwww.hwujo.com	—
domainwww.kinwony.com	—
domainwww.loyoyi.com	—
domainwww.pasony.com	—
domainwww.qinsony.com	—
domainwww.qiotong.com	—
domainwww.sintayo.com	—
domainwww.thewonsel.com	—
domainwww.tisuny.com	—

Threat ID: 692963a0bc8dfaadef9e1242

Added to database: 11/28/2025, 8:56:00 AM

Last enriched: 11/28/2025, 9:07:14 AM

Last updated: 12/4/2025, 6:41:40 PM

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by

Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Related Threats

Albiriox Exposed: A New RAT Mobile Malware Targeting Global Finance and Crypto Wallets

Medium

MalwareThu Dec 04 2025

DNS Uncovers Infrastructure Used in SSO Attacks

Medium

CampaignWed Dec 03 2025

Actions

PRO

Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.

Please log in to the Console to use AI analysis features.

External Links

Search on Google

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Over 2,000 Holiday-Themed Fake Stores Detected Exploiting Black Friday and Festive Sales

AI Analysis

Technical Summary

Potential Impact

Mitigation Recommendations

Affected Countries

Indicators of Compromise

Over 2,000 Holiday-Themed Fake Stores Detected Exploiting Black Friday and Festive Sales

Description

AI-Powered Analysis

Technical Analysis

Potential Impact

Mitigation Recommendations

Affected Countries

Technical Details

Indicators of Compromise

Hash

Domain

Community Reviews

Related Threats

Cloudflare Blocks Aisuru Botnet Powered Largest Ever 29.7 Tbps DDoS Attack

Global Corporate Web

4.3 Million Browsers Infected: Inside ShadyPanda's 7-Year Malware Campaign

Albiriox Exposed: A New RAT Mobile Malware Targeting Global Finance and Crypto Wallets

DNS Uncovers Infrastructure Used in SSO Attacks

Actions

External Links

Need enhanced features?

Latest Threats

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility