# galaxydigital.prfts.cfd — SUSPICIOUS > Galaxydigital.prfts.cfd mimics Galaxydigital with a fake ‘safe investment’ page hosted on a 1-day-old domain. ## Summary PhishDestroy identifies active phishing activity hosted at galaxydigital.prfts.cfd that specifically impersonates the legitimate investment platform Galaxydigital to harvest funds and credentials under the guise of ‘safe investments.’ The domain is classified as a generic phishing campaign, currently under investigation and marked as active since April 03, 2026. This threat poses a direct risk to users seeking genuine investment opportunities by leveraging deceptive branding and false promises of security. This domain was flagged with VirusTotal showing 0 detections out of 95 engines as of the latest scan, indicating it remains undetected by most antivirus platforms. It resolves to the IP address 102.212.247.99 and was registered through NameSilo, LLC. The page title displayed—“Galaxydigital – Safe investment with Galaxydigital”—mirrors legitimate branding to deceive visitors. The domain was created on April 03, 2026, and currently shows no presence on public blocklists or in threat intelligence feeds, suggesting a recently launched campaign with low detection coverage. To mitigate exposure, users should avoid accessing galaxydigital.prfts.cfd entirely and verify any investment-related URLs directly through the official Galaxydigital website or trusted financial directories. Corporate and individual investors are advised to block the IP 102.212.247.99 at the network perimeter and update browser-based blocklists to include this domain. Security teams should monitor for similar domains registered through NameSilo with recent creation dates and keywords like ‘investment’ or ‘galaxy’ in subdomains or paths. Immediate reporting of this domain to hosting providers and domain registrars may accelerate takedown efforts. Exercise heightened caution with any unsolicited investment offers, especially those promoting guaranteed returns or urgent actions. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Page title: Galaxydigital – Safe investment with Galaxydigital ## Domain Intelligence - Registered: 2026-04-03 14:51:04 - Registrar: NameSilo, LLC - IP: 102.212.247.99 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/galaxydigital.prfts.cfd - PhishDestroy: https://phishdestroy.io/domain/galaxydigital.prfts.cfd/ - LLM endpoint: https://phishdestroy.io/domain/galaxydigital.prfts.cfd/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/galaxydigital.prfts.cfd/ Last updated: 2026-04-08