# amazon-clone-eta-bice.vercel.app — MALICIOUS > PhishDestroy warns that amazon-clone-eta-bice.vercel.app is a crypto drainer impersonating Amazon. 15 security vendors on VirusTotal flag this domain as. ## Summary PhishDestroy identifies amazon-clone-eta-bice.vercel.app as an active high-risk phishing domain designed to mimic Amazon’s login portal and steal cryptocurrency. This site leverages a Vercel-hosted page to appear legitimate while harvesting credentials and digital assets from unsuspecting users. The domain abuses Vercel’s infrastructure to host a fake Amazon login, tricking visitors into entering sensitive information that is immediately exfiltrated to attackers. Once credentials are captured, threat actors can drain connected crypto wallets or pivot into further financial fraud. The site’s use of a Vercel.app subdomain adds a veneer of authenticity, exploiting trust in well-known platforms to lower user suspicion. This domain was flagged by 15 out of 95 VirusTotal security vendors and blacklisted by Google Safe Browsing under the SOCIAL_ENGINEERING category. It resolves to IP 216.198.79.3 and uses a Google Trust Services SSL certificate to simulate a secure connection. Registered through Vercel Inc., the domain was likely created recently and is being actively used in phishing campaigns targeting Amazon customers. Its low VT detection ratio compared to malicious prevalence suggests it may have evaded early detection, enabling continued operation. If you visited this domain, cease using any accounts accessed from that device immediately. Disconnect from the internet, run a full antivirus scan, and reset passwords for all critical accounts using a different, secure device. Report the domain to PhishDestroy for takedown and monitor crypto wallets or bank accounts linked to the session. Never enter payment or login details on unfamiliar sites, even if they appear legitimate. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Vercel Inc. - IP: 216.198.79.3 ## Detection Status - VirusTotal: 15 vendors flagged - Google Safe Browsing: FLAGGED - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/35177cfd-bd8a-41cd-bd55-58f7a92a827c - PhishDestroy: https://phishdestroy.io/domain/amazon-clone-eta-bice.vercel.app/ - LLM endpoint: https://phishdestroy.io/domain/amazon-clone-eta-bice.vercel.app/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/amazon-clone-eta-bice.vercel.app/ Last updated: 2026-03-22