MalwareTips
Security Review

Is hklogin.uat.mizuhoscfglobal.com legit or a scam?

Our verdict:Dangerous· 1/100

Phishing page cloning Mizuho Bank HK's SCF supplier portal, flagged by six antivirus engines and browser blocklists.

Top reasons
Six antivirus engines flag the page as phishing, including tier-1 detectors BitDefender and Kaspersky.Major browser blocklists have blocked the page for social engineering.Domain is hosted on a suspicious subdomain (hklogin.uat.mizuhoscfglobal.com) that does not match Mizuho Bank's official domain structure.
hklogin.uat.mizuhoscfglobal.comScanned 1h ago
Post Facebook
0
Trust score
DANGEROUS
Heuristics 0·MT 18
Category tags
phishing#Phishing#Clone Site92% MT confidence
Warning signals (1)
Redirects to another domain

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence
8/92
Engines flagged this URL
Domain Age
Registration date unknown
MT Intelligence
Dangerous
Critical likelihood · 92% confidence
DANGEROUS

Phishing site — do not log in

Flagged on major browser safety blocklists as social engineering. This page looks designed to steal credentials. Don't log in — and if you already did, change the password anywhere you reused it and turn on two-factor authentication.

Website Preview

Screenshot of hklogin.uat.mizuhoscfglobal.com
LIVE RENDER
hklogin.uat.mizuhoscfglobal.com

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site.

MT Intelligence

Advanced threat intelligence
MT Security Analyst
Critical scam likelihoodengineMT · Guardiantrust18/100
MT AgentLive web researchVisual inspectionNetwork correlation
0%
Confidence
The page mimics Mizuho Bank HK's legitimate supplier portal (SCiSupplier / SCF Platform) but is hosted on a suspicious subdomain (hklogin.uat.mizuhoscfglobal.com) that does not belong to Mizuho's official infrastructure. Six major antivirus engines—BitDefender, Kaspersky, Fortinet, G-Data, CRDF, and Google's phishing detection—all flag it as phishing. Browser blocklists have marked it for social engineering. The page loads external assets from primerevenue.com domains, which is not typical for a legitimate bank portal. The domain lacks any legitimate business contact information (no email, phone, or address), and the SSL certificate, while valid, was issued only 38 days ago—consistent with a hastily-deployed phishing clone. The redirect chain (5 hops, cross-domain) further suggests obfuscation.
Full dossier
Analysis complete

Page Content

The page displays a login interface titled 'Mizuho HK SCiSupplier' and includes a security notice claiming to represent Mizuho Bank HK Branch. The body text references the 'SCF Platform' (Supply Chain Finance) and warns users about credential misuse. However, the page contains no legitimate contact information—no email address, phone number, or postal address for Mizuho Bank HK.

Infrastructure

The domain hklogin.uat.mizuhoscfglobal.com is hosted on IP 3.231.132.28 (AWS), which has zero abuse reports and a clean reputation score. The SSL certificate is valid (GoDaddy issuer) but was issued only 38 days ago. The page loads external assets from assets.primerevenue.com, info.primerevenue.com, and terms.primerevenue.com—domains unrelated to Mizuho Bank.

Domain History

WHOIS data is unavailable, preventing verification of the domain's registration details. The domain is not indexed in global traffic rankings, suggesting it is either newly created or deliberately obscured from search engines.

Web Reputation

Six antivirus engines flag this page as phishing: BitDefender, Kaspersky, Fortinet, G-Data, CRDF, and Google's phishing detection. Major browser blocklists have flagged it for social engineering. The combination of antivirus consensus and browser-blocklist detection is a strong indicator of a credential-harvesting attack.

Risk Factors
7
  • Six antivirus engines flag the page as phishing, including tier-1 detectors BitDefender and Kaspersky.
  • Major browser blocklists have blocked the page for social engineering.
  • Domain is hosted on a suspicious subdomain (hklogin.uat.mizuhoscfglobal.com) that does not match Mizuho Bank's official domain structure.
  • SSL certificate issued only 38 days ago, consistent with a hastily-deployed phishing clone.
  • Page loads external assets from primerevenue.com, which is not associated with Mizuho Bank.
  • No legitimate contact information (email, phone, or address) present on the page.
  • WHOIS data unavailable, preventing verification of domain ownership.
Positive Signals
2
  • SSL certificate is valid and issued by a trusted certificate authority (GoDaddy).
  • Hosting IP has zero abuse reports and a clean reputation score.
AI Recommendation
Do not enter any credentials on this page. If you received a link to this site in an email or message claiming to be from Mizuho Bank, report it to Mizuho Bank HK directly using contact information from their official website. Clear your browser cache and consider running a security scan on your device.
Scam network detected
3 linked domains correlated

The page loads external assets from primerevenue.com domains, which are not associated with Mizuho Bank and may be part of a phishing infrastructure network.

assets.primerevenue.cominfo.primerevenue.comterms.primerevenue.com
Next-gen fraud intelligence
Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for hklogin.uat.mizuhoscfglobal.com, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Web mentions
No scam reports found
No complaints, no negative coverage turned up in our sweep.
Research summary
Narrative write-up from our AI analyst

No independent review aggregators provided data for this domain.

Antivirus Engines

Detection matrix · live
8 engines flagged this URL

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. Each detection is listed below by engine name — even a single hit is a meaningful signal.

8Malicious0Suspicious51Harmless92Engines
0
of 92
BitDefender
Malicious· phishing
CRDF
Malicious· malicious
Fortinet
Malicious· phishing
G-Data
Malicious· phishing
Google Safebrowsing
Malicious· phishing
Kaspersky
Malicious· phishing
Sophos
Malicious· phishing
Webroot
Malicious· malicious

8 antivirus engines flagged this URL. Even a single detection is a meaningful signal — treat this site with extra caution and avoid entering credentials, payment info, or downloading any files.

Security Scans

Blacklist Check
This URL appears on threat lists

Detected threat categories: SOCIAL_ENGINEERING.

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found
No clear contact details on the page
Emails on site's domainNone
Phone numbersNone
Postal addressNot listed
Linked social profiles0
Signal Summary
Several contact red flags
  • No contact email found anywhere on the page.
  • No phone number listed on the page.
  • No postal address visible on the page.

Domain & Encryption

Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerGoDaddy.com, Inc. · Go Daddy Secure Certificate Authority - G2
ExpiresJul 26, 2026 (38d)
Self-signedNo
Hosting & Technology
HostingAmazon Data Services Northern Virginia
Server locationUS

Redirect Chain

Hops
5
Cross-domain
Yes
Lookalike
No
Punycode
No
  • 1301http://hklogin.uat.mizuhoscfglobal.com/
  • 2301https://hklogin.uat.mizuhoscfglobal.com/
  • 3302https://hk.uat.mizuhoscfglobal.com/cross-domain
  • 4302https://hk.uat.mizuhoscfglobal.com/scf/cross-domain
  • 5302https://hk.uat.mizuhoscfglobal.com/scf/oauth2/authorization/fusionauthcross-domain
  • 6200https://hklogin.uat.mizuhoscfglobal.com/oauth2/authorize?response_type=code&client_id=bca4f495-a205-4cb4-8b0a-07f4d88a7584&scope=openid%20email%20profile&state=hVeXB-kZaQRXgjwfLoUIu41SqO6ZKn_MNgYCBUJQirc%3D&redirect_uri=https://hk.uat.mizuhoscfglobal.com/scf/login/oauth2/code/fusionauth&nonce=66BEfrO3SXuzW-ja07nKNPfLgfjW0XYCVt0UNFI6NPU

Server Reputation

Abuse Intelligence
Confidence score0%
Reports on file0
ISPAmazon Data Services Northern Virginia
Usage typeData Center/Web Hosting/Transit

Scam-Type Likelihood

1 scam-type patterns detected
Scam-Type Likelihood

1 of 13 categories showed signals

We check every URL against 13 distinct scam categories so the verdict tells you not just how risky the page is, but what kind of risk it carries. Each meter pulls from page signals, web reports, our AI analyst, vision, and the scam-network cluster — not from raw AV labels.

Top match: Phishing
Phishing
Moderate likelihood
35/100
  • Google Safe Browsing flagged this as social engineering / phishing.
  • AI analyst tagged this as phishing / data-harvesting.

Phishing site — act fast

This page shows signs of attempting to steal credentials or impersonate a trusted brand.

  • Do not interact with hklogin.uat.mizuhoscfglobal.com

    Do not enter credentials, deposit money, download files, or install browser extensions from this site.

  • If you already typed your password — change it now

    Change the password on the legitimate site and anywhere else you re-used it. Turn on two-factor authentication. Review recent account activity.

  • Report the phishing URL

    APWG (Anti-Phishing Working Group) accepts phishing reports at reportphishing@apwg.org. Google Safe Browsing reports help protect other users.

    Open
  • Get help on the forum

    MalwareTips members can help you assess damage and next steps.

    Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
ListedCheck ↗
VirusTotal
ListedCheck ↗
AbuseIPDB
Not listedCheck ↗
Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

assets.primerevenue.cominfo.primerevenue.comterms.primerevenue.com

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • Our automated security review flags hklogin.uat.mizuhoscfglobal.com as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.
  • No — hklogin.uat.mizuhoscfglobal.com scored 1/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.
  • Yes. hklogin.uat.mizuhoscfglobal.com presents a valid TLSv1.3 certificate issued by GoDaddy.com, Inc. · Go Daddy Secure Certificate Authority - G2, expiring in 38 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
  • 8 out of 92 antivirus engines in our malware network flagged hklogin.uat.mizuhoscfglobal.com as malicious or suspicious (8 outright malicious). Even one detection is a meaningful signal.
  • Yes. The major browser blocklist feeds flagged hklogin.uat.mizuhoscfglobal.com with the following threat categories: SOCIAL_ENGINEERING. This protects billions of browser users from visiting the site.
  • hklogin.uat.mizuhoscfglobal.com resolves to an IP operated by Amazon Data Services Northern Virginia in US (usage type: Data Center/Web Hosting/Transit). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
  • This is a permanent record of the scan run on June 17, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around hklogin.uat.mizuhoscfglobal.com have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Final Verdict

0
Trust / 100
Final Verdict·hklogin.uat.mizuhoscfglobal.com
DANGEROUS

This is a phishing page impersonating Mizuho Bank's supplier portal. Six antivirus engines including BitDefender and Kaspersky flag it as phishing, and major browser blocklists have blocked it for social engineering. Do not enter any credentials.

Do not enter any credentials on this page. If you received a link to this site in an email or message claiming to be from Mizuho Bank, report it to Mizuho Bank HK directly using contact information from their official website. Clear your browser cache and consider running a security scan on your device.

AV engines
92
MT passes
2
Net signals
0
Scan another URL
Security review completemalwaretips.com/url-scan
Recently scanned

Other Dangerous reports

Browse all reports
Dangeroustrust1
bnkofam.top
8m ago
Read the review
Dangeroustrust1
alexgalho.com.br
9m ago
Read the review
Dangeroustrust25
code-verification-js.beer
12m ago
Read the review
Dangeroustrust5
docment.e-docssign.net
14m ago
Read the review
Dangeroustrust25
cashblox.gg
16m ago
Read the review
Dangeroustrust38
vxvault.net
17m ago
Read the review
Dangeroustrust1
download.cdn9mc.com
18m ago
Read the review
Dangeroustrust1
hk.uat.mizuhoscfglobal.com
1h ago
Read the review
Dangeroustrust1
voyaimpresionarte.com
1h ago
Read the review
Dangeroustrust31
trafficheap.com
1h ago
Read the review
Dangeroustrust1
pay-heleket.cc
1h ago
Read the review
Dangeroustrust25
trafficheap.cc
1h ago
Read the review
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.