# bavamex.com — SUSPICIOUS > bavamex.com impersonates MEXC exchange in a fake giveaway scam. 0/95 VirusTotal detections reported. Check the full report. ## Summary PhishDestroy identifies bavamex.com as an active domain that impersonates the legitimate cryptocurrency exchange MEXC in order to deceive users into participating in fraudulent ‘giveaway’ or ‘airdrop’ campaigns. This domain leverages visual and textual cues—such as logos, color schemes, and domain name similarity—to mimic MEXC’s official branding, aiming to trick unsuspecting visitors into transferring cryptocurrency or disclosing sensitive account credentials. The site is currently live and resolving to IP address 104.21.69.232, which is associated with hosting environments frequently exploited for low-reputation web activity. This domain was flagged specifically for brand impersonation targeting MEXC, a major global cryptocurrency exchange. Technical indicators include registration through Global Domain Group LLC on March 13, 2026—an unusually recent date suggesting opportunistic domain squatting. The SSL certificate from Let's Encrypt provides a false sense of security, but it does not validate authenticity. Notably, bavamex.com currently shows 0 detections out of 95 engines on VirusTotal, indicating it remains undetected by mainstream scanners as of evaluation. While risk level is still under investigation, the combination of brand impersonation, recent registration, and low detection rate signals elevated risk to end users. Users who have visited bavamex.com should assume exposure to a phishing scam and immediately cease any interaction with the site. If any cryptocurrency or account credentials were entered, users must revoke API keys, change passwords, and enable two-factor authentication on their legitimate MEXC accounts. Disconnect any connected wallets and monitor for unauthorized transactions. Report the domain to MEXC’s official fraud reporting channels and local cybercrime units. Always verify web addresses against official sources and avoid clicking unsolicited links promising rewards or urgent account actions. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: MEXC ## Domain Intelligence - Registered: 2026-03-13 14:37:34 - Registrar: Global Domain Group LLC - IP: 104.21.69.232 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/bavamex.com - PhishDestroy: https://phishdestroy.io/domain/bavamex.com/ - LLM endpoint: https://phishdestroy.io/domain/bavamex.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/bavamex.com/ Last updated: 2026-04-04