# capitalexchange.to — SUSPICIOUS

> capitalexchange.to is a brand impersonation phishing site detected by PhishDestroy. VirusTotal shows 0/95 detections. Verify suspicious links immediately.

## Summary
PhishDestroy identifies capitalexchange.to as a brand impersonation phishing domain targeting cryptocurrency exchange users. This domain mimics legitimate financial platforms to trick victims into entering credentials or transferring funds to attacker-controlled wallets. The site employs spoofed interfaces to harvest login details or initiate unauthorized crypto transactions, posing a direct financial risk to unsuspecting users. SSL encryption (Let's Encrypt) obscures malicious activity, while the recent domain registration suggests a short-lived campaign aimed at capitalizing on user trust during the holiday season.  This domain was flagged on December 25, 2024, with a VirusTotal detection rate of 0/95 engines as of the latest analysis. The domain is registered through Spaceship, Inc., and resolves to IP address 89.106.200.1, which has no prior reputation for legitimate services. The combination of recent registration, low detection rates, and cryptocurrency-focused lures indicates an active and evolving threat. Users are advised to treat this domain as malicious until further evidence proves otherwise.  If you visited capitalexchange.to, immediately cease interaction and disconnect from the site. Review your device for compromise signs, such as unauthorized browser extensions or keystroke loggers. Revoke any credentials entered on the site and monitor financial accounts for suspicious transactions. Report this domain to your security team or PhishDestroy’s database to contribute to collective threat intelligence. Avoid clicking links in unsolicited messages referencing this domain or similar exchanges.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2024-12-25 16:30:42
- Registrar: Spaceship, Inc.
- IP: 89.106.200.1

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/capitalexchange.to
- PhishDestroy: https://phishdestroy.io/domain/capitalexchange.to/
- LLM endpoint: https://phishdestroy.io/domain/capitalexchange.to/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/capitalexchange.to/
Last updated: 2026-04-04