# bybitvotes.fun — SUSPICIOUS

> bybitvotes.fun was flagged for phishing. Avoid visiting this site and protect your data. Learn how to stay safe from scams at PhishDestroy.

## Summary
PhishDestroy identifies bybitvotes.fun as a low-risk phishing domain designed to deceive users. Although currently offline, this site posed a threat by attempting to trick visitors into revealing sensitive information such as login credentials or personal details. Phishing sites like this often mimic legitimate platforms to exploit user trust, leading to potential identity theft or financial loss.

This phishing campaign operated by impersonating popular cryptocurrency voting platforms, enticing users to participate in fake contests or surveys. Victims might have been prompted to enter confidential data, which attackers could then use for fraudulent activities. The domain was registered through Dynadot LLC and appeared on multiple security blocklists, indicating prior detection by cybersecurity tools. It resolved to the IP address 172.67.128.219 and was flagged by some security vendors on VirusTotal before being taken offline.

If you visited bybitvotes.fun, it is crucial to review any information you submitted and monitor your accounts for suspicious activity. Change passwords associated with the compromised data and enable two-factor authentication where possible. Users should also run comprehensive antivirus scans and remain vigilant against follow-up phishing attempts that may use stolen data. Staying informed and cautious helps reduce the risk of falling victim to phishing scams like the one linked to bybitvotes.fun.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Target brand: Bybit
- Page title: ByVotes

## Domain Intelligence
- Registered: 2026-03-02 15:00:01
- Registrar: Dynadot LLC
- Country: US
- IP: 172.67.128.219
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ali.ns.cloudflare.com piers.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["Gridinsoft", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://i.ibb.co/Ng9W2nx3/2e8bad2218cb.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/a0f08b3b-cce1-4a1d-bfd0-491a71025141
- PhishDestroy: https://phishdestroy.io/domain/bybitvotes.fun/
- LLM endpoint: https://phishdestroy.io/domain/bybitvotes.fun/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/bybitvotes.fun/
Last updated: 2026-03-19