
Social Security Administration phishing & impersonation
Governmentssa.gov
6
Impersonation sightings
6
Distinct hosts
2026-07-01
Last detected
1
Official domains
ScanMalware watches every scanned site for signs it is impersonating Social Security Administration — the brand name in the page title or screenshot text, the brand's logo/favicon on a non-official host, and lookalike domains. A match on a host outside Social Security Administration's official domains is recorded below.
Official domains
ssa.gov
Also known as
social securitysocial security administration
Detected impersonation sites
| Host | Title | Detected by | Verdict | Date | |
|---|---|---|---|---|---|
| brentwood.agencyrevolutiondemo.com | Social Security: By the Numbers | Page text | {"verdict": "Low Risk", "confidence": 73, "risk level": "low", "risk factors": ["Brand Impersonation (Social Security)"], "overall score": 27, "recommendations": [], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - Social Security branding on non-official domain (brentwood.agencyrevolutiondemo.com)"], "password fields": 0, "impersonated brand": "Social Security", "brand mismatch detected": true, "impersonated brand slug": "ssa", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 29, "total risk": 0, "valid count": 29, "invalid count": 0, "not found count": 0}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 77, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 50, "issues": [], "total redirects": 1, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 0, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["⚠️ CRITICAL: Brand impersonation detected - Social Security branding on non-official domain (brentwood.agencyrevolutiondemo.com)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| da-calculator.com | Social Security Calculator — Quick Online Calculator | Page text | {"verdict": "Medium Risk", "confidence": 52, "risk level": "medium", "risk factors": ["Brand Impersonation (Social Security)"], "overall score": 52, "recommendations": ["⚡ Exercise caution when visiting this website", "🛡️ Ensure your browser and antivirus are up to date"], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - Social Security branding on non-official domain (da-calculator.com)"], "password fields": 0, "impersonated brand": "Social Security", "brand mismatch detected": true, "impersonated brand slug": "ssa", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 10, "total risk": 0, "valid count": 10, "invalid count": 0, "not found count": 0}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 14, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 50, "issues": [], "total redirects": 0, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 0, "compromised wordpress detected": false}, "domain age scoring": {"penalty": 25, "rdap data": {"domain": "da-calculator.com", "age days": 1, "category": "CRITICAL", "registrar": null, "registration date": "2026-06-30T17:43:41+00:00"}, "has login forms": true, "is hosting subdomain": false}}, "threat categories": [], "security indicators": {"negative": ["⚠️ CRITICAL: Brand impersonation detected - Social Security branding on non-official domain (da-calculator.com)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| picclick.com | Vintage Social Security Card FOR SALE! - PicClick | Page text | {"verdict": "Low Risk", "confidence": 73, "risk level": "low", "risk factors": ["Brand Impersonation (Social Security)"], "overall score": 27, "recommendations": [], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - Social Security branding on non-official domain (picclick.com)"], "password fields": 0, "impersonated brand": "Social Security", "brand mismatch detected": true, "impersonated brand slug": "ssa", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 562, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 50, "issues": [], "total redirects": 0, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 0, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["⚠️ CRITICAL: Brand impersonation detected - Social Security branding on non-official domain (picclick.com)"], "positive": ["HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| www.nobleworkscards.com | Social Security Benefits: Funny Anniversary Giant Card | Page text | {"verdict": "Low Risk", "confidence": 72, "risk level": "low", "risk factors": ["Brand Impersonation (Social Security)"], "overall score": 28, "recommendations": [], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - Social Security branding on non-official domain (www.nobleworkscards.com)"], "password fields": 0, "impersonated brand": "Social Security", "brand mismatch detected": true, "impersonated brand slug": "ssa", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 45, "total risk": 0, "valid count": 45, "invalid count": 0, "not found count": 0}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 228, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 40, "issues": [], "total redirects": 2, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 2, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["⚠️ CRITICAL: Brand impersonation detected - Social Security branding on non-official domain (www.nobleworkscards.com)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| www.allport.com | Social Security Retirement Card – Allport Editions | Page text | {"verdict": "Low Risk", "confidence": 71, "risk level": "low", "risk factors": ["Suspicious URL Patterns", "Brand Impersonation (Social Security)"], "overall score": 29, "recommendations": [], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - Social Security branding on non-official domain (www.allport.com)"], "password fields": 0, "impersonated brand": "Social Security", "brand mismatch detected": true, "impersonated brand slug": "ssa", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 50, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": ["Suspicious domain pattern detected"]}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 12, "total risk": 0, "valid count": 12, "invalid count": 0, "not found count": 0}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 381, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 40, "issues": [], "total redirects": 2, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 2, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["⚠️ CRITICAL: Brand impersonation detected - Social Security branding on non-official domain (www.allport.com)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| discover.phoenixpubliclibrary.org | Social security : your number and card. | Phoenix Public Library | Page text | {"verdict": "Low Risk", "confidence": 71, "risk level": "low", "risk factors": ["Brand Impersonation (Social Security)"], "overall score": 29, "recommendations": ["📋 Website lacks important security headers"], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - Social Security branding on non-official domain (discover.phoenixpubliclibrary.org)"], "password fields": 0, "impersonated brand": "Social Security", "brand mismatch detected": true, "impersonated brand slug": "ssa", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 5, "total risk": 0, "valid count": 5, "invalid count": 0, "not found count": 0}, "network security": {"score": 60, "issues": ["No security headers detected"], "mixed content": false, "secure requests": 1, "security headers": {"detected": false}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 40, "issues": [], "total redirects": 2, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 2, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["No security headers detected", "⚠️ CRITICAL: Brand impersonation detected - Social Security branding on non-official domain (discover.phoenixpubliclibrary.org)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |