# appleinc-br.com — MALICIOUS

> Domain appleinc-br.com is a confirmed brand impersonation site targeting Apple users. Flagged by 18/95 VirusTotal vendors with iCloud phishing page.

## Summary
PhishDestroy identifies appleinc-br.com as an active brand impersonation domain targeting Apple users. The site masquerades as an official iCloud device locator page titled 'Buscar Dispositivos do iCloud', attempting to harvest Apple credentials under the guise of locating lost devices. No crypto drainer kit was observed on this page, but the threat actor leverages Apple’s branding to deceive users into entering sensitive login information.  This domain resolves to IP 172.67.179.95 and was registered through GoDaddy.com, LLC on March 21, 2026. Security telemetry shows a VirusTotal detection ratio of 18 out of 95 vendors, indicating partial coverage by security tools. It appears on 2 public blocklists and is not flagged by Google Safe Browsing (GSB status: clean). The domain uses a Let's Encrypt SSL certificate to appear legitimate, enhancing its deception capabilities. Despite low blocklist coverage, the domain’s recency and targeted branding pose elevated risk to Apple users.  As of current analysis, appleinc-br.com remains active and unblocked by major browsers. Users should avoid accessing this domain and report it immediately via their security provider or browser warning systems. The risk level remains elevated due to the combination of fresh registration, partial detection, and targeted impersonation. Remain vigilant for similar domains and verify URLs before entering credentials. This domain should be treated as hostile and blocked at the network and endpoint levels where possible.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Apple
- Page title: Buscar Dispositivos do iCloud

## Domain Intelligence
- Registered: 2026-03-21 22:58:32
- Registrar: GoDaddy.com, LLC
- IP: 172.67.179.95

## Detection Status
- VirusTotal: 18 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["OpenPhish", "PhishingArmy"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/b0b9e5b3-3e49-45dd-a77c-93222f1a58ca
- PhishDestroy: https://phishdestroy.io/domain/appleinc-br.com/
- LLM endpoint: https://phishdestroy.io/domain/appleinc-br.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/appleinc-br.com/
Last updated: 2026-03-29