# catalinahernandez.co — SUSPICIOUS > catalinahernandez.co is a confirmed BEC phishing site using Let's Encrypt SSL. VirusTotal flags 2 of 95 engines; users should avoid links and report the domain. ## Summary catalinahernandez.co presents an elevated Business Email Compromise (BEC) phishing risk and is classified as an active confirmed threat. This false representation targets credential harvesting and financial fraud, specifically exploiting trust in personal branding to deceive victims. PhishDestroy identifies catalinahernandez.co as an ACTIVE Business Email Compromise phishing site hosting fraudulent login forms under a falsified professional persona. Threat intelligence confirms 2 of 95 VirusTotal security vendors flag this domain as malicious (VT 2/95). The domain resolves to IP 44.211.14.38 and is served via a Let’s Encrypt TLS certificate, enhancing its apparent legitimacy. Registered on November 23, 2018 through Hello Internet Corp 8, the domain has evaded timely takedown, suggesting a persistent campaign targeting individuals and organizations relying on name recognition. While no public blocklist mentions were found in this analysis, the low detection rate (2/95) combined with the use of a legitimate registrar and free SSL certificate indicates a sophisticated, low-profile phishing operation designed to bypass traditional defenses. Immediate mitigation includes blocking the domain catalinahernandez.co and its resolving IP 44.211.14.38 at the network firewall and DNS level. Users who received emails from or about this domain should NOT click any embedded links or download attachments. Report the domain to your email provider and to abuse teams at Hello Internet Corp 8 using the creation date (2018-11-23) and SSL issuer (Let’s Encrypt) as identifiers. Implement DMARC/DKIM/SPF validation to reduce BEC susceptibility, and conduct user awareness training to recognize impersonation attempts leveraging personal brand identities. Monitor outbound traffic for connections to this domain or IP to detect potential credential compromise. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2018-11-23 16:28:29 - Registrar: Hello Internet Corp 8 - IP: 44.211.14.38 ## Detection Status - VirusTotal: 2 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/43373de7-9f2f-4fcc-a380-d240d93be2dd - PhishDestroy: https://phishdestroy.io/domain/catalinahernandez.co/ - LLM endpoint: https://phishdestroy.io/domain/catalinahernandez.co/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/catalinahernandez.co/ Last updated: 2026-03-26