Thomas Damonneville explained yesterday on the french television evening news why the number of phishing sites pretending to be parcel delivery services would increase as the end-of-year festivities approached.

Based on StalkPhish.io data.

💾 Here is an excerpt from the names of databases used by French scammers to target European citizens.

These databases are consolidated and made available to their customers via Telegram bots for a few crypto-milli-coins to target victims more accurately and approach them with greater authority.

💡 #phishing investigation/monitoring use case for the StalkPhish.io API:

➡️ Use "ipv4" API endpoint to retrieve information about IP address hosting phishing pages (args: 223.29.226.200, from_date=2025-11-01&to_date=2025-11-09, extract)

Today, we’re excited to share details about the enhanced StalkPhish.io' #API that brings powerful search capabilities and real-time threat intelligence directly to your security workflows.

stalkphish.com/2025/11/05/s...

#phishing #scam #fraud

📝 Le marché des "fiches" en pleine expansion sur les réseaux d'arnaqueurs.

🧩 Tirées des fuites de données massives, ces "fiches" consolident, dans une même base de données, les informations personnelles de millions de français.e.s.

➡️ Plus d'information ici: stalkphish.com/2025/09/15/s...

🔥 La désormais classique arnaque par SMS "bonjour vous etes chez vous?", destinée à:

➡️ appeler à engager l'échange
➡️ conditionner la potentielle victime à donner de l'information
➡️ router la victime vers une page de phishing dédiée à la récupération d'informations bancaires et personnelles

✨ Batch N°2️⃣5️⃣0️⃣ of PhishingKit Yara rules! ✨

Rules for triage/detection/investigation on #phishing kits.
This free and OpenSource project is now 8️⃣6️⃣0️⃣ Yara rules available!

github.com/t4d/Phishing...

📢 New "workshop" section available on our GitHub repository.

🧩 Designed to publish the material presented during workshops, this repo is also an opportunity to replay these workshops yourself, at your own pace and when you have the time.

🔗 github.com/StalkPhish/w...

💡 Reminder: We will be running a workshop during leHACK, entitled “ Phishing detection and investigation with OSINT feeds and free softwares”.

🔧 W will focus on the use of open-source tools (StalkPhish-OSS, ClamAV, PhishingKit-Yara-rules, ...)

💥 Challenge accepted?

📣 Meet Thomas Damonneville - our founder - at the #M3AAWG organized by the Messaging, Malware, Mobile Anti-Abuse Working Group in Lisbon next week for his presentation entitled: “Hunting for phishing URLs, kits and business”.

👋 In partnership with Signal Spam

#phishing #phishingkit #cybersecurity

🚀 Hum, you know what?

📢 We've just reached 8️⃣0️⃣0️⃣ PhishingKit-Yara-Rules made freely available to everyone!

❓ These rules detect phishing kits targeting 3️⃣0️⃣0️⃣ of the world’s best-known brands and trade names.

-> Check this: github.com/t4d/Phishing...

#phishing #phishingkit #infosec #cyber

✨ New batch of PhishingKit Yara rules for 2025! ✨
Rules for triage/detection of phishing kits targeting users/customers of:

📌 Microsoft OneDrive
📌 Aramex
📌 Assurance Maladie
📌 Doctolib
📌 Generic email creds harvester (CN)

👉 Find these rules in our StalkPhish.io CTI product too!

✨ Second batch of PhishingKit Yara rules for 2025! ✨

Rules for triage/detection of #phishing kits:

📌 AT&T
📌 PayPal
📌 SumUp
📌 SBB CFF FFS (SwissPass)
📌 Indonesiabaik.id

This free and #OpenSource project is now:
✅ 7️⃣8️⃣7️⃣ Yara rules available!
✅ 2️⃣3️⃣0️⃣ Commits
✅ 5️⃣ years old

-> github.com/t4d/Phishing...

🎣 A Zip package containing 10 phishing kits impersonating the following brands, found yesterday using StalkPhish.io :

24H of #phishing URLs impersonating USPS.

Hundreds of domain names generated each day (detected by stalkphish.io):