%22%2F%3E%3Crect%20x%3D%220%22%20y%3D%220%22%20width%3D%229.6%22%20height%3D%229.6%22%20fill%3D%22hsl(23%2C%2060%25%2C%2050%25)%22%2F%3E%3Crect%20x%3D%2238.4%22%20y%3D%220%22%20width%3D%229.6%22%20height%3D%229.6%22%20fill%3D%22hsl(23%2C%2060%25%2C%2050%25)%22%2F%3E%3Crect%20x%3D%229.6%22%20y%3D%229.6%22%20width%3D%229.6%22%20height%3D%229.6%22%20fill%3D%22hsl(23%2C%2060%25%2C%2050%25)%22%2F%3E%3Crect%20x%3D%2219.2%22%20y%3D%229.6%22%20width%3D%229.6%22%20height%3D%229.6%22%20fill%3D%22hsl(23%2C%2060%25%2C%2050%25)%22%2F%3E%3Crect%20x%3D%2228.799999999999997%22%20y%3D%229.6%22%20width%3D%229.6%22%20height%3D%229.6%22%20fill%3D%22hsl(23%2C%2060%25%2C%2050%25)%22%2F%3E%3Crect%20x%3D%220%22%20y%3D%2219.2%22%20width%3D%229.6%22%20height%3D%229.6%22%20fill%3D%22hsl(23%2C%2060%25%2C%2050%25)%22%2F%3E%3Crect%20x%3D%229.6%22%20y%3D%2219.2%22%20width%3D%229.6%22%20height%3D%229.6%22%20fill%3D%22hsl(23%2C%2060%25%2C%2050%25)%22%2F%3E%3Crect%20x%3D%2228.799999999999997%22%20y%3D%2219.2%22%20width%3D%229.6%22%20height%3D%229.6%22%20fill%3D%22hsl(23%2C%2060%25%2C%2050%25)%22%2F%3E%3Crect%20x%3D%2238.4%22%20y%3D%2219.2%22%20width%3D%229.6%22%20height%3D%229.6%22%20fill%3D%22hsl(23%2C%2060%25%2C%2050%25)%22%2F%3E%3Crect%20x%3D%220%22%20y%3D%2228.799999999999997%22%20width%3D%229.6%22%20height%3D%229.6%22%20fill%3D%22hsl(23%2C%2060%25%2C%2050%25)%22%2F%3E%3Crect%20x%3D%2219.2%22%20y%3D%2228.799999999999997%22%20width%3D%229.6%22%20height%3D%229.6%22%20fill%3D%22hsl(23%2C%2060%25%2C%2050%25)%22%2F%3E%3Crect%20x%3D%2238.4%22%20y%3D%2228.799999999999997%22%20width%3D%229.6%22%20height%3D%229.6%22%20fill%3D%22hsl(23%2C%2060%25%2C%2050%25)%22%2F%3E%3Crect%20x%3D%229.6%22%20y%3D%2238.4%22%20width%3D%229.6%22%20height%3D%229.6%22%20fill%3D%22hsl(23%2C%2060%25%2C%2050%25)%22%2F%3E%3Crect%20x%3D%2228.799999999999997%22%20y%3D%2238.4%22%20width%3D%229.6%22%20height%3D%229.6%22%20fill%3D%22hsl(23%2C%2060%25%2C%2050%25)%22%2F%3E%3C%2Fsvg%3E){kind=small}
Crimson Osprey
CFD/ForexA Philippines-based network of fraudulent websites posing as wealth management firms, investment holding companies, stock transfer agencies, and corporate advisory services. The sites target victims by presenting themselves as established financial institutions offering portfolio management, securities trading, and corporate registrar services, using fabricated credentials, fake regulatory registrations, and professional client login portals to solicit deposits. This network operates across multiple infrastructure tiers and has been linked to at least 38 domains across several front companies.
Intelligence Profile
The Crimson Osprey network is a Philippines-based operation running fraudulent financial services websites across multiple front companies. The network spans at least 38 confirmed domains operating under fabricated company identities in multiple jurisdictions. The operation uses two distinct infrastructure tiers with different technology stacks, both serving the same purpose of impersonating legitimate financial institutions. One tier uses legacy web technology rarely seen in modern operations, while the other uses a more contemporary stack. Both tiers employ professional-looking client portals designed to collect credentials and deposits from victims. The operator has been active since at least 2006 and deliberately compartmentalizes domains across multiple hosting and DNS providers in different countries to reduce the impact of takedowns on the overall operation. Law enforcement action has been taken against individuals associated with this network.
AI-generated summary
Category
CFD/ForexBrands
0Domains
14087 active
Down domains
53Unique IPs
34Detection signals
0Status
activeDate range
Apr 2026 — May 2026Infrastructure intelligence
Hosting locations
United States25 (18%)
Romania6 (4%)
France4 (3%)
Canada1 (1%)
Belgium1 (1%)
Israel1 (1%)
Hosting providers
Regulatory Warnings
4domains warned by 3 authorities
Flagged in 1 Jurisdiction
Domains in this network have been flagged by financial regulators across 1 country.
Domains (140)
Page 1 of 3Network Growth
Network Growth
140total domains
Encountered a site from this network?
Your report helps us track and expose these operations.