# eng-tresuite-trezo.wixstudio.com — SUSPICIOUS > eng-tresuite-trezo.wixstudio.com hosts a generic phishing site mimicking the Tresuite platform. VirusTotal shows 0/95 detections despite active status. ## Summary PhishDestroy identifies an active phishing campaign operating from eng-tresuite-trezo.wixstudio.com, which impersonates the legitimate Tresuite platform to deceive users into divulging sensitive credentials or payment details. The domain was registered recently and remains undetected by security vendors, with VirusTotal showing 0/95 detections as of the latest scan. This low detection rate suggests a newly deployed or evasive threat actor leveraging trusted hosting providers like WixStudio and SSL certificates from Let’s Encrypt to lend credibility to the fraudulent site. The infrastructure resolves to IP address 34.144.206.118, which may be shared with other malicious campaigns, increasing the risk of cross-contamination for visitors. Technical analysis of eng-tresuite-trezo.wixstudio.com reveals several red flags consistent with phishing operations. The domain is hosted on WixStudio, a legitimate website builder, which is commonly abused by threat actors to rapidly deploy spoofed login portals and support pages. The domain’s SSL certificate, issued by Let’s Encrypt, further enhances its appearance of legitimacy by displaying HTTPS in the browser address bar. Despite this, the site remains undetected by 95 tested security engines, indicating either a newly activated campaign or the use of sophisticated evasion techniques. The absence of historical blocklist entries suggests this domain has not been previously flagged, increasing the likelihood of successful victim engagement. The combination of a spoofed brand identity, trusted infrastructure, and low detection profile makes this a high-risk threat vector for unsuspecting users. Users who have interacted with eng-tresuite-trezo.wixstudio.com should immediately cease all communications with the site and assess any exposed credentials or financial information. If login details were entered, change passwords immediately and enable multi-factor authentication on all associated accounts. Monitor financial transactions for unauthorized activity and report any suspicious events to the relevant financial institutions. Avoid clicking links or downloading files from this domain in the future, and consider blocking the IP address 34.144.206.118 at the network perimeter to prevent further access. Organizations should update threat intelligence feeds with this domain and IP to ensure proactive detection across security controls. Report the domain to your IT security team or relevant cybercrime reporting channels, such as the FBI’s IC3 or local cybersecurity authorities, to aid in broader takedown efforts. Proactive vigilance and rapid response are critical to mitigating the risks posed by this active phishing campaign. ## Threat Details - Verdict: SUSPICIOUS - Site status: alive (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 34.144.206.118 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/eng-tresuite-trezo.wixstudio.com - PhishDestroy: https://phishdestroy.io/domain/eng-tresuite-trezo.wixstudio.com/ - LLM endpoint: https://phishdestroy.io/domain/eng-tresuite-trezo.wixstudio.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/eng-tresuite-trezo.wixstudio.com/ Last updated: 2026-04-11