# cma-lebanon.com — SUSPICIOUS > PhishDestroy identifies cma-lebanon.com as a fake CMA exam scam site. VirusTotal 0/95 detections as of March 2026. Check the full report. ## Summary PhishDestroy identifies an active phishing domain, cma-lebanon.com, impersonating Certified Management Accountant (CMA) exam services to steal credentials and payment data from accounting professionals. This site masquerades as an official CMA certification portal, likely targeting candidates preparing for the Institute of Management Accountants (IMA) CMA exams. Attackers leverage urgency around exam deadlines and high-stakes certification to pressure victims into entering personal financial information or downloading malicious content. This domain was flagged under investigation with the following technical indicators: registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on March 16, 2026; hosting on IP 104.21.93.240 using a Let's Encrypt SSL certificate (further analysis needed to validate certificate legitimacy); and currently showing zero detections out of 95 VirusTotal engines as of the seed date. The recent domain creation date and clean VirusTotal score suggest this threat may be newly deployed and undetected by many security tools. Users who recently searched for CMA exam preparation resources should exercise extreme caution. If you visited cma-lebanon.com or entered personal information, immediately cease use of any provided credentials and monitor financial accounts for unauthorized transactions. Do not trust any payment prompts or download links from this site. Report the incident to your bank or credit card provider if sensitive data was entered. Run a full antivirus scan using updated security software. Consider changing passwords across all accounts, especially if reused. To verify legitimate CMA resources, visit only the official IMA website at imanet.org. For further analysis and protection guidance, access the full PhishDestroy investigative report using seed identifier 715319. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-16 14:47:10 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 104.21.93.240 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/ce6ed822-98ba-4a1c-9af0-dc6672c6a403 - PhishDestroy: https://phishdestroy.io/domain/cma-lebanon.com/ - LLM endpoint: https://phishdestroy.io/domain/cma-lebanon.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/cma-lebanon.com/ Last updated: 2026-03-23