# crypto-onchain.co — SUSPICIOUS > crypto-onchain.co flagged for social engineering phishing, 2/95 VirusTotal detections. Check the full report. ## Summary PhishDestroy identifies crypto-onchain.co as an active social engineering phishing domain designed to deceive users into revealing sensitive cryptocurrency credentials or transferring funds under false pretenses. This domain mimics legitimate blockchain or crypto service interfaces, leveraging urgency and trust-building tactics to exploit victims. The threat is elevated due to its recent registration and the presence of deceptive SSL certificates issued by Google Trust Services, which can mislead users into believing the site is secure. Technical indicators suggest this domain is part of a broader campaign targeting cryptocurrency enthusiasts, likely through phishing emails or fake advertisements. This domain was flagged by multiple security vendors, with only 2 out of 95 VirusTotal scanners detecting it as malicious at the time of analysis. It was registered through Gname.com Pte. Ltd. on June 29, 2025, and has already been blocked by Google Safe Browsing under the category of SOCIAL_ENGINEERING. The domain resolves to the IP address 104.21.73.239, which may host additional malicious infrastructure. The low detection rate by VirusTotal underscores the sophistication of this phishing campaign, as it evades many automated security measures. If you have visited crypto-onchain.co, immediately cease all interactions with the site and disconnect from any cryptocurrency wallets or exchanges that may have been accessed through it. Scan your devices for malware using reputable antivirus software and consider revoking any API keys or permissions granted to the domain. Report the domain to your local cybercrime unit or organizations like the Anti-Phishing Working Group (APWG). Avoid clicking on any links or advertisements related to this domain, as they may lead to further compromise. Stay vigilant for unusual transactions or account activities in your cryptocurrency holdings. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2025-06-29 12:17:03 - Registrar: Gname.com Pte. Ltd. - IP: 104.21.73.239 ## Detection Status - VirusTotal: 2 vendors flagged - Google Safe Browsing: FLAGGED - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/0b69a77a-c128-4f19-98f3-db8cee44b7ae - PhishDestroy: https://phishdestroy.io/domain/crypto-onchain.co/ - LLM endpoint: https://phishdestroy.io/domain/crypto-onchain.co/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/crypto-onchain.co/ Last updated: 2026-03-24