# emv.flrtrustline.net — SUSPICIOUS > PhishDestroy identifies emv.flrtrustline.net as a credential theft page mimicking FLTrustLine with 0/95 VirusTotal detections. Immediate action advised. ## Summary PhishDestroy has flagged the domain emv.flrtrustline.net as an active credential theft campaign targeting unsuspecting users. This domain, registered through NAMECHEAP INC on March 31, 2025, resolves to IP 64.20.54.43 and operates under a ZeroSSL certificate, attempting to appear legitimate. The page is designed to harvest login credentials under the guise of FLTrustLine, a financial service platform, suggesting users may be tricked into surrendering sensitive account details. Analysis of technical indicators reveals this threat remains undetected by security vendors, with VirusTotal currently showing 0 detections out of 95 scans. The domain’s recent creation date and lack of established reputation make it particularly dangerous, as users may not recognize it as malicious. Additionally, the use of a legitimate-looking SSL certificate (ZeroSSL) further enhances the phishing page’s credibility, increasing the likelihood of successful credential theft. Users who have interacted with emv.flrtrustline.net should immediately change passwords for any accounts entered on the site and enable multi-factor authentication where available. Monitor accounts closely for unauthorized transactions or login attempts. If credentials were reused across other services, update those accounts as well. Report the domain to your organization’s security team or to PhishDestroy to help block future attacks. Avoid visiting the domain entirely to prevent further exposure. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2025-03-31 05:32:35 - Registrar: NAMECHEAP INC - IP: 64.20.54.43 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/1d23317f-a577-481e-8b69-185816350bd2 - PhishDestroy: https://phishdestroy.io/domain/emv.flrtrustline.net/ - LLM endpoint: https://phishdestroy.io/domain/emv.flrtrustline.net/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/emv.flrtrustline.net/ Last updated: 2026-03-24