# mydrive.effem.com — MALICIOUS

> PhishDestroy identifies mydrive.effem.com as an active phishing page posing as file-share validation. 8 of 95 VirusTotal scanners flag this domain, created in.

## Summary

PhishDestroy identifies mydrive.effem.com as an active generic phishing domain targeting OneDrive users with a spoofed 'Validation du lien de partage' page. The domain’s branding closely mimics Microsoft’s legitimate share-validation workflow, indicating a likely drainer kit designed to harvest Microsoft 365 credentials or session tokens. No overt Cobalt Strike or other commodity malware payloads were observed in the sample path, suggesting a purely credential-harvesting objective.

Domain registration data shows it was created on October 25, 1994, well before Microsoft OneDrive existed, which amplifies suspicion around its current misuse. This domain resolves to IP 13.107.137.10 and bears a valid DigiCert SSL certificate, increasing trust signals for victims. VirusTotal analysis reveals 8 out of 95 security vendors flag mydrive.effem.com, signaling elevated risk. The domain is registered through NOM-IQ Ltd dba Com Laude, a well-known registrar that has processed domains for both legitimate and malicious actors. Google Safe Browsing has not yet flagged this domain, and blocklist aggregators currently show no public detections beyond VirusTotal. These technical indicators collectively confirm a high-confidence phishing operation actively harvesting cloud credentials.

As of today, mydrive.effem.com remains active and unresponsive to takedown requests, indicating persistent malicious hosting. Organizations should immediately block this domain at DNS and proxy levels and flag any internal access attempts. Users who accessed this page should rotate Microsoft 365 passwords, enable MFA, and scan devices for infostealers. Remaining risk is elevated due to the domain’s age and SSL certification, which can deceive both users and automated security tools.

## Threat Details

- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Page title: Validation du lien de partage

## Domain Intelligence

- Registered: 1994-10-25 04:00:00
- Registrar: NOM-IQ Ltd dba Com Laude
- IP: 13.107.137.10

## Detection Status

- VirusTotal: 8 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/scan/1916da40-156d-48f0-a14a-93b9e66e1e56
- PhishDestroy: https://phishdestroy.io/domain/mydrive.effem.com/
- LLM endpoint: https://phishdestroy.io/domain/mydrive.effem.com/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/mydrive.effem.com/

Last updated: 2026-03-23