# backbcak.exchange — SUSPICIOUS

> backbcak.exchange active since 03/17/26, delivering a generic phishing campaign with credential theft targeting unknown brands. VT score 1/95. Do not interact.

## Summary
PhishDestroy identifies backbcak.exchange as a generic credential theft scam active since March 17, 2026. The domain mimics legitimate services to harvest user credentials. No specific brand or drainer kit was identified in the available data.

Technical indicators: VirusTotal score 1/95, NICENIC INTERNATIONAL GROUP CO., LIMITED registrar, resolving to 188.114.97.3. Domain created 03/17/26; no Google Safe Browsing detection; blocklist count unavailable.

The campaign remains active with elevated risk. Users should block the domain and IP. Remaining risk is high due to low detection rates and active hosting.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-17 15:57:56
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/472e1a38-695a-41fc-bb8f-ae3a171f262a
- PhishDestroy: https://phishdestroy.io/domain/backbcak.exchange/
- LLM endpoint: https://phishdestroy.io/domain/backbcak.exchange/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/backbcak.exchange/
Last updated: 2026-03-20