# pokups.com — MALICIOUS

> pokups.com is a crypto drainer scam site with 11/95 VirusTotal detections. Avoid this page to protect your crypto assets and credentials.

## Summary
PhishDestroy identifies pokups.com as an active crypto drainer scam designed to deceive visitors into connecting their cryptocurrency wallets and unknowingly approve malicious token transfers. The domain mimics legitimate crypto platforms by using social engineering tactics such as fake airdrop offers or urgent “claim now” prompts. Once a user connects a wallet, the drainer silently initiates token approvals and transfers, exploiting smart contract interactions to steal funds directly from connected accounts. This site does not deliver any real value—it only exists to exploit blockchain transactions for theft.  This domain was flagged by 11 of 95 VirusTotal security vendors, indicating widespread recognition as a malicious site. The SSL certificate is issued by Let's Encrypt, commonly used by both benign and malicious sites alike. Domain registration records (via seed 5b81a4) show this site is hosted on modern infrastructure likely intended to evade blocklists through rapid domain rotation and certificate reuse. Its recent creation and active status suggest it is part of a coordinated campaign targeting cryptocurrency users across social media and messaging platforms.  If you visited pokups.com, immediately disconnect your wallet from all websites via your wallet interface—do not approve any pending transactions. Revoke any suspicious token approvals using tools like revoke.cash. Scan your device with updated antivirus software and consider rotating wallet addresses if you entered credentials or connected your wallet. Never interact with unexpected crypto links, even from trusted contacts. Report the domain to your browser and security tools to help block future access.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence

## Detection Status
- VirusTotal: 11 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits
  Lists: []

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/ec7a3774-d31a-4d81-bbf7-7fec35d745a1
- PhishDestroy: https://phishdestroy.io/domain/pokups.com/
- LLM endpoint: https://phishdestroy.io/domain/pokups.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/pokups.com/
Last updated: 2026-04-13