# mailhost.goteal.io — MALICIOUS > PhishDestroy identifies mailhost.goteal.io as a crypto drainer phishing site. VirusTotal flags it 10/95. Verify if you interacted with this scam URL. ## Summary PhishDestroy identifies mailhost.goteal.io as an active crypto drainer phishing domain, designed to trick users into connecting wallets or entering seed phrases under false pretenses. This domain mimics legitimate email hosting services to deliver malware or steal cryptocurrency assets directly from victim wallets. The threat is elevated due to its operational nature and direct financial targeting, with observed hosting infrastructure leveraging Amazon SSL certificates to appear trustworthy. This domain was flagged by 10 out of 95 security vendors on VirusTotal, indicating partial but not universal detection. Registered through GoDaddy.com, LLC on June 28, 2016, the domain has been active for nearly eight years—potentially allowing threat actors to refine its lures over time. The IP resolution to 52.44.87.47 links it to a known malicious hosting environment, reinforcing its classification as an elevated-risk threat. Users who visited mailhost.goteal.io should immediately disconnect any connected wallets, revoke permissions on blockchain explorers like Etherscan, and scan devices for malware. If seed phrases or private keys were entered, transfer funds to a new wallet immediately and consider reporting the incident to your local cybercrime unit. Always verify suspicious links through PhishDestroy before interacting—never trust unsolicited email login prompts or wallet connection requests. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2016-06-28 16:28:52 - Registrar: GoDaddy.com, LLC - IP: 52.44.87.47 ## Detection Status - VirusTotal: 10 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/8bf7b1f7-9a75-46a9-a478-3d6285a787d9 - PhishDestroy: https://phishdestroy.io/domain/mailhost.goteal.io/ - LLM endpoint: https://phishdestroy.io/domain/mailhost.goteal.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/mailhost.goteal.io/ Last updated: 2026-03-23