# imap2.goteal.io — MALICIOUS

> PhishDestroy identifies imap2.goteal.io as a live email phishing site. 9 of 95 VirusTotal engines flagged it. View the full report.

## Summary
PhishDestroy identifies imap2.goteal.io as an active email phishing front that masquerades as an IMAP login portal to harvest user credentials. Once harvested, attackers can bypass multi-factor authentication or reuse passwords across other services, leading to full account takeovers and data breaches. This domain specifically targets users expecting to access email accounts, leveraging the trusted appearance of an IMAP subdomain to lower suspicion.  This domain was flagged by 9 of 95 VirusTotal security vendors, registered through GoDaddy.com, LLC on June 28, 2016, and resolves to IP 52.44.87.47. The SSL certificate is issued by Amazon, which does not validate legitimacy for a subdomain used solely for phishing. The age of the domain (since 2016) suggests it may have been compromised or repurposed for malicious use rather than freshly registered for phishing.  If you visited imap2.goteal.io, immediately change any passwords entered and revoke access to any saved sessions. Scan connected devices for malware and enable multi-factor authentication on all email and financial accounts. Report the domain to your IT department or security provider and avoid re-entry. Monitor accounts for unusual activity and consider freezing credit if financial credentials were exposed. PhishDestroy recommends blocking this domain and IP at your network perimeter to prevent further exposure.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2016-06-28 16:28:52
- Registrar: GoDaddy.com, LLC
- IP: 52.44.87.47

## Detection Status
- VirusTotal: 9 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/46544cfc-c550-4f4e-9489-17d309c6a67c
- PhishDestroy: https://phishdestroy.io/domain/imap2.goteal.io/
- LLM endpoint: https://phishdestroy.io/domain/imap2.goteal.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/imap2.goteal.io/
Last updated: 2026-03-23