MosheInteresting leads here. This could be just a regular criminal scheme (phishing), but it could also be laying the groundwork for using typo squatting for an influence operation. This was one of the TTPs used in the Endless Mayfly campaign. Read more about it:
https://citizenlab.ca/2019/05/burned-after-reading-endless-mayflys-ephemeral-disinformation-campaign/
https://infosec.exchange/@kyleehmke/109381662838453251
#disinformation
@potemkinvillage
https://citizenlab.ca/2019/05/burned-after-reading-endless-mayflys-ephemeral-disinformation-campaign/
https://infosec.exchange/@kyleehmke/109381662838453251
#disinformation
@potemkinvillage
