# deadwhale.sbs — SUSPICIOUS > PhishDestroy investigates deadwhale.sbs, a newly created domain (March 27, 2026) serving generic phishing. Avoid forms, reset passwords! ## Summary PhishDestroy is currently investigating deadwhale.sbs as a potential source of generic phishing attacks. This means the site may attempt to steal your personal information, such as usernames, passwords, or financial details, by disguising itself as a legitimate website. Exercise extreme caution if you encounter this domain, especially if it prompts you to enter any sensitive data. Do not submit any forms. Our investigation has revealed several details about deadwhale.sbs. As of this report, VirusTotal shows a low detection rate of 0/95, but this can change rapidly. The domain was registered relatively recently, on March 27, 2026, through NICENIC INTERNATIONAL GROUP CO., LIMITED. It currently resolves to the IP address 188.114.96.3 and uses an SSL certificate issued by Let's Encrypt, which is common for both legitimate and malicious sites. The recent registration date is a common trait of phishing sites. If you have visited deadwhale.sbs and entered any personal information, it is crucial to take immediate action. Change your passwords for any accounts that may be compromised, especially those using the same username and password combination. Monitor your bank and credit card statements for any unauthorized activity. Consider enabling two-factor authentication on your important accounts for added security. If you suspect identity theft, report it to the relevant authorities. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-27 13:12:01 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/1ba1f57d-6024-464f-9329-247ab25b6bc4 - PhishDestroy: https://phishdestroy.io/domain/deadwhale.sbs/ - LLM endpoint: https://phishdestroy.io/domain/deadwhale.sbs/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/deadwhale.sbs/ Last updated: 2026-03-27