# itrusscpietal-login.webflow.io — MALICIOUS

> Webflow-hosted itrusscpietal-login.webflow.io mimics iTrustCapital login to steal crypto IRA credentials; flagged by 20/95 VirusTotal scanners.

## Summary
PhishDestroy identifies itrusscpietal-login.webflow.io as a live credential-phishing campaign targeting iTrustCapital users. The decoy login page at this subdomain pretends to be the authentic iTrustCapital portal, aiming to harvest email-password combinations for unauthorized access to customers’ crypto Individual Retirement Accounts. The page title, “iTrustCapital Login | The #1 Crypto IRA Retirement Platform,” matches the branding victims expect, reinforcing the social-engineering lure.

This domain was flagged by 20 of 95 VirusTotal security vendors and resolves to IP 104.18.36.248 via Cloudflare. The SSL certificate is issued by Google Trust Services, a technique commonly used to appear legitimate. Domain abuse is hosted on Webflow’s platform, which criminals leverage for rapid subdomain churn.

If you visited this page, immediately change your iTrustCapital password using a different device, enable multi-factor authentication, and review account activity for unauthorized withdrawals. Do not enter any credentials you previously used on other sites, and report the incident to iTrustCapital support. Avoid clicking links in unexpected emails; always navigate to the official site independently.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP ?)
- Page title: iTrustCapital Login | The #1 Crypto IRA Retirement Platform

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 104.18.36.248

## Detection Status
- VirusTotal: 20 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/1a4baf0e-49a9-4d41-9b2a-92d0d2679334
- PhishDestroy: https://phishdestroy.io/domain/itrusscpietal-login.webflow.io/
- LLM endpoint: https://phishdestroy.io/domain/itrusscpietal-login.webflow.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/itrusscpietal-login.webflow.io/
Last updated: 2026-04-13