# fergamb.cc — SUSPICIOUS

> fergamb.cc is a live credential harvesting site with 0/95 VirusTotal detections. Check the full report.

## Summary
PhishDestroy identifies fergamb.cc as an active credential-harvesting domain engineered to trick users into surrendering sensitive login credentials. The site lures victims with spoofed login pages masquerading as legitimate services, capturing entered usernames and passwords for subsequent abuse in account takeovers and financial fraud. This campaign relies on social engineering and time-sensitive urgency to bypass suspicion and maximize victim yield before takedown efforts can begin.

This domain was flagged on VirusTotal with zero detections out of 95 engines as of the latest scan, indicating it currently evades most automated defenses. It resolves to IP address 104.21.4.41 and was registered on March 31, 2026 through NICENIC INTERNATIONAL GROUP CO., LIMITED using a free Let’s Encrypt SSL certificate to appear trustworthy. These factors combine to create a low-detection, high-impact threat vector actively distributing malicious content.

If you visited fergamb.cc or entered any information, immediately change the passwords on all related accounts and enable multi-factor authentication where available. Run a full antivirus scan on your device and monitor financial accounts for unauthorized transactions. Report the domain to your security team or through local cybercrime reporting channels to help accelerate blocklisting and protect others from falling victim.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-31 17:18:52
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 104.21.4.41

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/fergamb.cc
- PhishDestroy: https://phishdestroy.io/domain/fergamb.cc/
- LLM endpoint: https://phishdestroy.io/domain/fergamb.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/fergamb.cc/
Last updated: 2026-04-04