# appleinc-id.com — MALICIOUS

> Domain appleinc-id.com detected as brand impersonation threat. 18/95 VirusTotal vendors flagged this Apple impersonation crypto drainer.

## Summary
PhishDestroy identifies active brand impersonation domain appleinc-id.com designed to mimic Apple, posing an elevated risk to unsuspecting users. This domain employs deceptive tactics to impersonate the Apple brand, likely leveraging social engineering to trick victims into interacting with malicious content. The infrastructure suggests a crypto-drainer operation, indicating the threat actor’s intent to facilitate unauthorized cryptocurrency transfers from compromised wallets or user accounts.

This domain was flagged by 18 out of 95 VirusTotal security vendors and is currently blocked by OpenPhish and PhishingArmy. Technical indicators include registration through Gransy, s.r.o., resolution to IP address 188.114.97.3, and the use of a Let’s Encrypt SSL certificate for added legitimacy. The domain was created on June 26, 2025, highlighting its recent emergence as a threat. The combination of a low VT detection rate, active blocklisting, and association with known threat feeds underscores the elevated risk this domain poses to end users and organizations.

As of the latest assessment, appleinc-id.com remains active and unblocked by Google Safe Browsing (GSB). Immediate action is required to block this domain at the network and endpoint levels to prevent potential credential theft or cryptocurrency drain attacks. Users should verify the authenticity of any Apple-related domains, especially those with non-standard naming conventions or recent domain registrations. While blocklists have been updated to include this domain, the risk of new variants or similar impersonation campaigns remains high, necessitating ongoing vigilance and user education to mitigate exposure.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Apple

## Domain Intelligence
- Registered: 2025-06-26 00:15:02
- Registrar: Gransy, s.r.o.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 18 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["OpenPhish", "PhishingArmy"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/b3503d44-514b-4276-95f7-1a08e1afbffd
- PhishDestroy: https://phishdestroy.io/domain/appleinc-id.com/
- LLM endpoint: https://phishdestroy.io/domain/appleinc-id.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/appleinc-id.com/
Last updated: 2026-03-29