# account-micro-soft.com — MALICIOUS

> PhishDestroy identifies account-micro-soft.com as a Microsoft brand impersonation domain. This domain was registered on March 10, 2026, and flagged by 5/95.

## Summary
PhishDestroy identifies account-micro-soft.com as a fraudulent domain actively impersonating Microsoft to deceive users into divulging sensitive credentials or financial information. This domain closely mimics Microsoft's official branding to exploit user trust, particularly targeting individuals expecting legitimate Microsoft account services such as sign-ins or account management. The fraudulent nature of this domain is further evidenced by its recent creation date (March 10, 2026), which often correlates with the deployment of new phishing campaigns designed to bypass existing detection mechanisms.  This domain poses an elevated risk due to multiple red flags confirmed by security intelligence. VirusTotal reports that 5 out of 95 security vendors have flagged this domain as malicious or suspicious, indicating a moderate but noteworthy detection rate. The domain is registered through TUCOWS.COM, CO., a registrar known for hosting both legitimate and fraudulent domains, though not inherently indicative of malicious intent without further context. The domain resolves to IP address 52.72.49.79, which may be associated with other malicious activities or phishing infrastructure. Additionally, the domain utilizes a Let's Encrypt SSL certificate, a tactic often exploited by threat actors to lend an air of legitimacy to fraudulent websites. The combination of these factors—particularly the recent registration date and partial detection on VirusTotal—suggests that this domain is part of an active phishing campaign targeting Microsoft users.  Users who have visited account-micro-soft.com should immediately cease any interaction with the site and avoid entering any credentials, payment information, or personal data. If credentials were entered, users must change their Microsoft account password immediately and enable multi-factor authentication (MFA) to secure their accounts. It is also recommended to scan devices for malware using reputable antivirus software, as fraudulent domains may deploy malicious payloads. Users should report the domain to Microsoft’s Phishing Report page (phishing@office365.com) and their organization’s IT/security team if applicable. To prevent future exposure, block this domain and IP address (52.72.49.79) at the network level using firewalls or endpoint protection tools. Remain vigilant for phishing emails or messages referencing this domain, as threat actors often use such lures to redirect victims to fraudulent sites.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Microsoft

## Domain Intelligence
- Registered: 2026-03-10 10:04:50
- Registrar: TUCOWS.COM, CO.
- IP: 52.72.49.79

## Detection Status
- VirusTotal: 5 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/2f569995-0092-43ef-8d2c-d666e5233355
- PhishDestroy: https://phishdestroy.io/domain/account-micro-soft.com/
- LLM endpoint: https://phishdestroy.io/domain/account-micro-soft.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/account-micro-soft.com/
Last updated: 2026-04-01