# mx407.com — MALICIOUS

> mx407.com poses a credential phishing risk, with 16/95 VirusTotal detections and a July 2020 creation date.

## Summary
PhishDestroy identifies mx407.com as an active credential phishing domain with an elevated risk level.

This domain was flagged by 16 out of 95 VirusTotal security vendors for malicious activity, operates under a Google Trust Services SSL certificate, and resolves to IP address 188.114.96.3. Registered through NAMECHEAP INC on July 16, 2020, the domain has remained active despite its age, indicating sustained malicious intent. While no public blocklists were referenced in the provided intelligence, the combination of phishing detection rates, SSL certification, and hosting infrastructure suggests a well-established threat actor leveraging reputable services to obscure malicious operations.

Credential phishing domains like mx407.com are designed to deceive users into surrendering login credentials, financial details, or sensitive personal information through spoofed login portals. The domain’s longevity and continued operation imply its effectiveness in bypassing initial detection mechanisms, requiring ongoing vigilance. Users encountering this domain should avoid interacting with any login prompts or forms, verify the legitimacy of unsolicited communications independently, and report suspicious activity to relevant cybersecurity authorities. Organizations should consider blocking the domain at the network perimeter and updating endpoint detection rules to flag mx407.com as a high-confidence phishing threat.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2020-07-16 07:24:48
- Registrar: NAMECHEAP INC
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 16 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/a51c9def-de77-4e84-9da5-8e22fcb0c337
- PhishDestroy: https://phishdestroy.io/domain/mx407.com/
- LLM endpoint: https://phishdestroy.io/domain/mx407.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/mx407.com/
Last updated: 2026-03-28