# cosmeticjobsaccount.com — MALICIOUS

> cosmeticjobsaccount.com is linked to credential phishing and flagged as high risk. Stay protected and avoid this domain now.

## Summary
PhishDestroy identifies cosmeticjobsaccount.com as a high-risk credential phishing domain targeting user login data. The site masquerades as legitimate job-related content to deceive victims.

Registered through Namemart Limited on February 21, 2026, the domain has been flagged by multiple security vendors and appears on at least one security blocklist. This infrastructure indicates malicious intent to harvest credentials.

Currently offline, cosmeticjobsaccount.com poses no active threat. Users are advised to avoid interaction with this domain and ensure their credentials are secure.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Namemart Limited
- Country: GB
- IP: 172.67.173.213
- Nameservers: ["todd.ns.cloudflare.com", "kami.ns.cloudflare.com"]
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "CRDF", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "Gridinsoft", "Lionic", "MalwareURL", "Seclookup", "SOCRadar", "Sophos", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ba85a-b29b-723a-804e-1b80d65b9742.png
- PhishDestroy: https://phishdestroy.io/domain/cosmeticjobsaccount.com/
- LLM endpoint: https://phishdestroy.io/domain/cosmeticjobsaccount.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/cosmeticjobsaccount.com/
Last updated: 2026-03-19