# fabric-foundation.org — SUSPICIOUS > fabric-foundation.org is active in a credential harvesting phishing campaign. Flagged by 0 of 95 VirusTotal vendors. Check the full report. ## Summary PhishDestroy identifies fabric-foundation.org as a live credential harvesting phishing domain targeting users under the guise of a legitimate foundation. The domain is currently active and poses a credible risk to individuals or organizations expecting interactions with an established entity. This campaign requires immediate attention due to its active status and potential for widespread deception. This domain, registered on March 13, 2026, resolves to IP address 188.114.97.3 and is hosted through NICENIC INTERNATIONAL GROUP CO., LIMITED. As of the latest scan, fabric-foundation.org remains unflagged by any of the 95 VirusTotal vendors, indicating it has not yet been widely recognized as malicious. The domain employs a Let’s Encrypt SSL certificate, which may enhance its perceived legitimacy. Additionally, no blocklist records or trust score reductions have been reported for this domain at this time, further underscoring the need for proactive investigation. The current status of this campaign is active, with no detections or mitigations in place. PhishDestroy recommends immediate actions to mitigate risk: block fabric-foundation.org at the DNS and firewall levels, inspect outbound traffic for connections to 188.114.97.3, and advise users to avoid interacting with any solicitation from this domain. Organizations should also monitor internal credentials for signs of compromise, as this campaign likely aims to harvest login details under false pretenses. Further monitoring is advised until global detection coverage improves or the domain is flagged by reputable threat intelligence sources. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-13 22:57:23 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/bdaf6521-f758-4019-973a-c7782f172d7c - PhishDestroy: https://phishdestroy.io/domain/fabric-foundation.org/ - LLM endpoint: https://phishdestroy.io/domain/fabric-foundation.org/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/fabric-foundation.org/ Last updated: 2026-03-23