Phishing domain get-fb-confirm-now.atwebpages.com has been tagged as a malicious domain which is hosting content in order to phish unaware internet users. The domain get-fb-confirm-now.atwebpages.com should be considered dangerous and communication towards that domain should be flagged as malicious.
If you see someone sharing get-fb-confirm-now.atwebpages.com, then do not hesitate to inform them that they are sharing a phishing site. If you do not know the user, and you are sure that it is being done on purpose, it is wise to take a screenshot, so you can use it as evidence – once you have taken the screenshot, you can “block” the user in order to avoid future messages.
Malicious behavior which is often seen on phishing sites;
- Fake forms which request personal information.
- Affiliate surveys which generate an online revenue for the cybercriminals/scammers.
- Download buttons which download malicious/adware applications or plugins.
If you have left information on the phishing domain get-fb-confirm-now.atwebpages.com
The chance is there that you are reading this because you have left information on the phishing site – if that is the case, we strongly recommend you to take action in order to minimize the damage which can be done by the phished data.
Inform the police
If you have left personal information which you do not want to see online, inform the police agency in your environment about the fact that you think that you have been phished. They will instruct you on which steps you need to take.
The second step is to make sure that you did not sign-up for any affiliate programs which demand a payment each week/day or per message. If that is the case, you need to search up the phone number on Google and make sure that you find instructions on how to disable the affiliate program.
You can also call up your phone provider to inform them that you have signed up for an affiliate program via a phishing page, if they care, they should continue to help you in order to disable that affiliate program.
Call your bank if you have left personal/financial information on the phishing page, they will be able to instruct you in which steps you need to take to minimize the effect of the performed phishing attack.
If you have left information on the phishing page with your “work/company” profile, then make sure that you inform your IT-manager or the “Cyber” Security Officer in the company. This will allow them to minimize the effect on the company.
What you should always have enabled
When you are using devices that contain private or sensitive information, we strongly recommend you to use an up to date anti-virus on that device. The anti-virus will protect your device against malicious applications. The use of a VPN is also recommended, the VPN will hide your IP from the outside world, making it hard for anyone on the internet to identify your location via the IP. This can also be done by using TOR.
Detailed information on get-fb-confirm-now.atwebpages.com
Currently hosted on IP:
Autonomous System Number (ASN):
Pages hosted on IP:
The pages which are hosted on 220.127.116.11 do not have to be malicious, the fact that the IP has been flagged is because of the fact that at least “one” page on get-fb-confirm-now.atwebpages.com was identified as a phishing page.
Domains which were/are hosted on 18.104.22.168:
Hashes which are affiliated with that IP according to VirusTotal:
How to remove get-fb-confirm-now.atwebpages.com malware/adware/spyware
The removal of malicious content on your device can be done in various ways, below, you will be able to find tools which will help you to remove get-fb-confirm-now.atwebpages.com, and any other malicious content from your device.
If you want to scan your device for malware, spyware and other type of malicious content – it is strongly recommended to use one of the AV products which are listed below, these AV products can be downloaded for free and are capable of finding and removing malware.
The antivirus products which are listed above, are free to use and can be downloaded from their official websites. They can cleanup your device from any content which have been left by get-fb-confirm-now.atwebpages.com.
Registry fix products
Malware and spyware often adjust the registry on the Windows device, it is strongly recommended to use the HijackThis tool by TrendMicro to clean-up malicious / bad registry key values. The HijackThis tool is fully automated so you do not need to be an expert to clean up the registry.
Temp / “trash” content removal
The next thing you want to cleanup are the temporary items which are hiding on your device. In order to cleanup those temporary items / trash, you can use the CCleaner tool from Piriform, this tool is free and it can be downloaded directly from their site – the tool is automated, and it will allow you to cleanup your device from unwanted temporary files (which can be leftovers of the malware/spyware).
If you want to protect yourself against Ransomware / Cryptoware malware then you can use the following products below, these products are preventive products, so they need to be installed before any ransomware attacks take place. These tools cannot be used to recover ransomware attacks – they are only protecting you against those type of attacks, but once an attack has taken place, it cannot be used for recovery.
Participate in malware research
Extra information on get-fb-confirm-now.atwebpages.com
If you have extra information about this attack, and you are allowed to share that information, then please do not hesitate to add extra information to this post about get-fb-confirm-now.atwebpages.com via the comment section below. We thank you in advance.