Suspicious

Phishings targeting Kraken

Suspicious and active websites

Phishings targeting Kraken

Suspicious and active websites

Active
5
New (7d)
0
Trend (7d)
↓100%
Website
kraken.com
About
AICrypto exchange phishing - same login / 2FA-bypass pattern as Binance and Coinbase.
Hosts
Weebly, Inc. (2) · Cloudflare, Inc. (2) · DigitalOcean, LLC (1)
Countries
United StatesUnited States (4) · United KingdomUnited Kingdom (1)
TLS certs
WE1 (2) · E7 (2) · Let's Encrypt (1)

Suspicious sites — confidence is not always 100%. Use for Threat Hunting or watchlists.

Last check (UTC) First seen (UTC) URL Screenshot Flags Details
2026-05-18 19:30 2026-05-06 13:04
http://access-learn-kraken-en.tem3.io
Screenshot of access-learn-kraken-en.tem3.io GSB OpenPhish Details
2026-05-18 19:30 2026-04-29 01:04
http://kraken.rs
Screenshot of kraken.rs OpenPhish Details
2026-05-18 19:30 2026-04-24 07:01
https://home-kraken-us-auth.square.site
Screenshot of home-kraken-us-auth.square.site PhishTank urlscan Details
2026-05-18 19:30 2026-04-24 01:01
http://home-kraken-us-auth.square.site
Screenshot of home-kraken-us-auth.square.site OpenPhish urlscan Details
2026-05-18 19:30 2026-04-08 11:31
https://krakencommand.halseyburgund.com
Screenshot of krakencommand.halseyburgund.com urlscan Details

Suspicious sites — confidence is not always 100%. Use for Threat Hunting or watchlists.

URL Screenshot Details
http://access-learn-kraken-en…
GSB OpenPhish 		Screenshot of access-learn-kraken-en.tem3.io Details
http://kraken.rs
OpenPhish 		Screenshot of kraken.rs Details
https://home-kraken-us-auth.s…
PhishTank urlscan 		Screenshot of home-kraken-us-auth.square.site Details
http://home-kraken-us-auth.sq…
OpenPhish urlscan 		Screenshot of home-kraken-us-auth.square.site Details
https://krakencommand.halseyb…
urlscan 		Screenshot of krakencommand.halseyburgund.com Details

AIHow to verify a real Kraken URL

  • Legitimate Kraken URLs always end in kraken.com (e.g. www.kraken.com, account.kraken.com). Anything else — including look-alike typosquats, hyphenated variations, or unfamiliar TLDs like .xyz / .top / .vip — is not Kraken.
  • The padlock icon proves TLS is active, not that the site is safe. Free DV certificates are issued to attackers in minutes; every active site listed above has a valid TLS certificate.
  • If you got the link from email, SMS, or social media, do not click it. Open kraken.com from your browser bookmark or type the domain manually.
  • Real Kraken pages almost never ask for credentials immediately after clicking from a message — treat any such redirect as a phishing attempt until the domain is verified.