# my.fondvault.net — SUSPICIOUS

> my.fondvault.net is a live crypto wallet phishing site exploiting Let's Encrypt SSL since Feb 2026. 0/95 scanners detect the threat—run a full scan now.

## Summary
my.fondvault.net lures cryptocurrency holders into entering recovery phrases or private keys by masquerading as a secure offline wallet vault.

PhishDestroy identifies this domain as an active cryptocurrency wallet phishing lure. This domain was flagged with zero detections out of 95 VirusTotal engines, registered on February 9, 2026 through PDR Ltd. (PublicDomainRegistry.com) and resolving to IP 94.103.88.245 with a Let’s Encrypt SSL certificate issued for HTTPS deception.

If you visited my.fondvault.net and entered any wallet details, immediately move remaining assets to a newly generated wallet, revoke any connected approvals, and scan devices for malware. Report the domain to your wallet provider and file an incident report with local cybercrime units.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-02-09 07:13:31
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- IP: 94.103.88.245

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/a8d3d224-6b38-4f11-8134-82dfb515ae47
- PhishDestroy: https://phishdestroy.io/domain/my.fondvault.net/
- LLM endpoint: https://phishdestroy.io/domain/my.fondvault.net/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/my.fondvault.net/
Last updated: 2026-03-21