# mzstatic.co — SUSPICIOUS

> Warning: mzstatic.co imitates Apple. It may be a brand impersonation scheme. Exercise caution and verify the domain on PhishDestroy immediately.

## Summary
PhishDestroy has identified mzstatic.co as a domain engaging in brand impersonation, specifically targeting Apple users. This poses a risk of users being tricked into divulging sensitive information or downloading malicious content under the guise of interacting with a legitimate Apple service. The domain's tactics involve mimicking Apple's branding to deceive unsuspecting individuals.  
The domain mzstatic.co, registered through Gandi SAS on January 11, 2019, utilizes an SSL certificate issued by Let's Encrypt. Currently, VirusTotal analysis shows a low detection rate of 0/95, meaning it's not yet widely flagged as malicious. The domain resolves to IP address 138.201.244.79. The relatively clean VirusTotal scan may indicate that the domain is newly active or employs techniques to evade detection.  
If you have visited mzstatic.co and entered any personal information, such as login credentials or financial details, it is crucial to immediately change your passwords on all relevant accounts and monitor your financial accounts for any unauthorized activity. Running a full system scan with a reputable antivirus program is also recommended. Exercise extreme caution when interacting with any communication originating from this domain.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Apple
- Page title: Apple

## Domain Intelligence
- Registered: 2019-01-11 12:30:43
- Registrar: Gandi SAS
- IP: 138.201.244.79

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/b1771a04-3cd3-47da-993f-2b48a6191e86
- PhishDestroy: https://phishdestroy.io/domain/mzstatic.co/
- LLM endpoint: https://phishdestroy.io/domain/mzstatic.co/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/mzstatic.co/
Last updated: 2026-03-25