# backpack-airdrop.vercel.app — SUSPICIOUS > This domain, backpack-airdrop.vercel.app, impersonates a fake airdrop scam and has 0/95 VirusTotal detections. ## Summary PhishDestroy identifies backpack-airdrop.vercel.app as an active brand impersonation domain targeting cryptocurrency users with a fake airdrop scam scheme. The site leverages the legitimate Vercel Inc. platform to host malicious content while mimicking legitimate airdrop promotions to deceive victims into connecting wallets or transferring funds. Threat actors frequently abuse cloud hosting providers like Vercel to bypass traditional domain reputation filters, making this a high-risk vector for credential theft and outright theft of digital assets. The domain resolves to IP 216.198.79.3 and currently operates under Google Trust Services SSL certificate, which does not confer legitimacy. With 0/95 detections on VirusTotal as of the investigation seed a1cfd7, no security vendors have yet flagged this domain, indicating a delayed detection cycle common in newly deployed impersonation campaigns. This domain was flagged through direct brand impersonation analysis targeting the 'Airdrop Scam' vertical. Technical indicators include registration through Vercel Inc., use of a Google Trust Services issued SSL certificate, and resolution to IP address 216.198.79.3. Notably, the domain exhibits zero detections across 95 VirusTotal engines, underscoring the evasiveness of modern impersonation scams hosted on reputable cloud platforms. Such domains often appear legitimate at first glance due to the use of trusted infrastructure, but their intent is to harvest wallet credentials or trick users into sending cryptocurrency under false promises of airdrops or token rewards. The absence of blocklist entries at the time of investigation suggests this is a recently activated threat not yet widely recognized by security communities. Mitigation for this specific brand impersonation threat requires immediate user awareness and proactive blocking. Users must verify any airdrop or token claim site by checking the official project website, social channels, and token contract addresses from trusted sources. Never click links from unsolicited messages or advertisements promising free tokens. Domain owners and security teams should block resolution to 216.198.79.3 at the network perimeter and flag backpack-airdrop.vercel.app in DNS and firewall rules. Report this domain immediately to Vercel abuse channels and to the impersonated brand’s fraud reporting system to accelerate takedown. Always use hardware wallets and avoid connecting software wallets to untrusted web interfaces. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Airdrop Scam ## Domain Intelligence - Registrar: Vercel Inc. - IP: 216.198.79.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/824a3f4c-a125-4e10-a3aa-927188cd6f25 - PhishDestroy: https://phishdestroy.io/domain/backpack-airdrop.vercel.app/ - LLM endpoint: https://phishdestroy.io/domain/backpack-airdrop.vercel.app/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/backpack-airdrop.vercel.app/ Last updated: 2026-03-28