# orbicapital.com — SUSPICIOUS > PhishDestroy identifies orbicapital.com distributing fake investment scam phishing. Domain created Feb 2023. Check the full report. ## Summary PhishDestroy identifies orbicapital.com as an active investment scam phishing domain currently under investigation with a risk level of under_investigation. This domain impersonates a financial services firm to deceive users into providing sensitive information or transferring funds under false pretenses. This domain was flagged with 0/95 VirusTotal detections as of current intelligence. Technical indicators show it resolves to IP 135.125.128.106, registered through GoDaddy.com, LLC on February 11, 2023. The SSL certificate is issued by Let’s Encrypt, which is commonly exploited in phishing campaigns to appear legitimate. As of this assessment, the domain remains unlisted on major blocklists and exhibits no trust score penalties, indicating recent or stealthy deployment. The lack of detections suggests the campaign is either newly active or employs evasion tactics to avoid immediate detection. Mitigation for this threat type requires immediate action: Users should avoid interacting with orbicapital.com or any related links. Organizations should block the domain at DNS and firewall levels using the IP 135.125.128.106 and domain orbicapital.com. If accessed, scan endpoints for anomalous activity, particularly credential harvesting or unauthorized fund transfers. Report the domain to your security vendor and consider adding it to internal threat intelligence feeds. Exercise heightened scrutiny for unsolicited financial or investment-related communications referencing this domain. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2023-02-11 10:11:06 - Registrar: GoDaddy.com, LLC - IP: 135.125.128.106 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/524c5368-b1ab-4903-a7f5-44f08443247f - PhishDestroy: https://phishdestroy.io/domain/orbicapital.com/ - LLM endpoint: https://phishdestroy.io/domain/orbicapital.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/orbicapital.com/ Last updated: 2026-04-12