# kra19att.cc — MALICIOUS

> kra19att.cc is a fraudulent AT&T impersonation site detected by 13/95 security vendors. This phishing domain steals credentials posing as AT&T services.

## Summary
PhishDestroy identifies kra19att.cc as an active AT&T brand impersonation phishing site designed to harvest user credentials under the guise of legitimate AT&T services. The domain leverages social engineering tactics to trick victims into disclosing sensitive login information, which attackers can then exploit for unauthorized account access, financial fraud, or further targeted attacks. Security researchers have observed this domain resolving to IP address 45.130.151.196, a hosting infrastructure frequently associated with malicious campaigns due to its lack of legitimate business services and high concentration of flagged domains.

This domain was flagged by 13 out of 95 security vendors on VirusTotal, indicating elevated risk but not universal detection, which highlights the importance of proactive user vigilance. Registered through Eagle Eye Domains, LLC on February 05, 2026, kra19att.cc utilizes a Let's Encrypt SSL certificate to appear legitimate and evade browser warnings. The domain’s recent creation and low detection rate suggest it may be part of a rapidly evolving campaign targeting AT&T customers. Users are strongly advised against interacting with this domain, as it poses a direct threat to account security and personal data integrity.

If you have visited kra19att.cc, immediately change your AT&T account password and enable multi-factor authentication to prevent unauthorized access. Scan your device for malware using reputable antivirus software, as credential-stealing phishing sites often deploy secondary payloads. Report the domain to your email provider, AT&T’s fraud department, and platforms like PhishDestroy or the Anti-Phishing Working Group (APWG) to help disrupt the campaign. Avoid clicking links in unsolicited emails or messages referencing AT&T services, and verify any suspicious communications directly through official AT&T channels.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-02-05 09:05:30
- Registrar: Eagle Eye Domains, LLC
- IP: 45.130.151.196

## Detection Status
- VirusTotal: 13 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/9cbfbc36-a02b-42e5-8f17-12b18b6fa0ca
- PhishDestroy: https://phishdestroy.io/domain/kra19att.cc/
- LLM endpoint: https://phishdestroy.io/domain/kra19att.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra19att.cc/
Last updated: 2026-03-28