# link-account.us — SUSPICIOUS

> link-account.us poses a potential credential phishing risk. Exercise caution and avoid sharing personal info until investigation concludes.

## Summary
PhishDestroy has classified the domain link-account.us as an active threat under investigation, primarily linked to credential phishing activities. The risk level remains uncertain pending further analysis, but initial indicators suggest this domain may be attempting to deceive users into disclosing sensitive login credentials.

Supporting evidence includes the domain’s recent creation date of March 01, 2026, which is often characteristic of fraudulent or short-lived phishing sites. Although VirusTotal currently reports zero detections from its 95 security vendors, the domain is registered via DYNADOT LLC, a registrar occasionally abused by malicious actors. Additionally, the domain resolves to the IP address 212.28.182.48, which is under scrutiny for potentially suspicious activity. This combination of new registration, registrar profile, and hosting infrastructure warrants heightened attention despite the absence of immediate antivirus flags.

Users should exercise caution and avoid interacting with link-account.us or submitting any personal information on this site. PhishDestroy recommends monitoring updates on this domain’s status and ensuring robust credential hygiene, such as using multi-factor authentication and unique passwords. The domain’s status remains active and under investigation, emphasizing the importance of vigilance while definitive conclusions are pending.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 526)
- Page title: Welcome to nginx!

## Domain Intelligence
- Registered: 2026-03-06 11:07:01
- Registrar: DYNADOT LLC
- Country: US
- IP: 212.28.182.48
- IP Country: US
- IP City: St. Louis
- IP Org: AS40021 Contabo Inc.
- Nameservers: ns1.dyna-ns.net ns2.dyna-ns.net
- SSL Issuer: Let's Encrypt / E8

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["Gridinsoft", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cc27c-f041-716a-9769-e831b020af5b.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/link-account.us
- Wayback Machine: https://web.archive.org/web/https://link-account.us
- PhishDestroy: https://phishdestroy.io/domain/link-account.us/
- LLM endpoint: https://phishdestroy.io/domain/link-account.us/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/link-account.us/
Last updated: 2026-03-16