# proposal-usdai.org — SUSPICIOUS > proposal-usdai.org is a crypto drainer impersonating USD Coin (USDC). Flagged by 0 of 95 VirusTotal vendors. Verify on PhishDestroy before interacting. ## Summary PhishDestroy identifies proposal-usdai.org as an active crypto drainer phishing domain targeting cryptocurrency users. The domain is currently active and poses a direct threat to users engaging with it, as it is designed to deceive victims into connecting their crypto wallets under false pretenses. This campaign is part of a growing trend of crypto drainer phishing sites that exploit trust in legitimate blockchain protocols to steal digital assets. This domain was flagged by 0 of 95 VirusTotal vendors, indicating it remains undetected by most automated security tools. It is registered through PDR Ltd. d/b/a PublicDomainRegistry.com, resolves to IP 172.67.206.19, and operates under a Let's Encrypt SSL certificate. The domain was created on March 25, 2026, and is currently unlisted on major blocklists, demonstrating its recent and stealthy deployment. Trust scores for this domain are likely low given its recent creation and lack of reputation, further emphasizing the need for caution. Proposal-usdai.org remains an active and evolving threat, with no current blocklist detections despite its malicious intent. Users are strongly advised to avoid interacting with this domain entirely. If you have encountered this site, disconnect from it immediately and revoke any wallet connections made through it. Report the domain to PhishDestroy or relevant authorities (e.g., Chainalysis, CipherTrace) to aid in tracking and mitigation. Always verify URLs, use hardware wallets for transactions, and cross-reference domains with trusted sources before engaging. Stay vigilant against emerging crypto drainer campaigns. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-25 21:02:59 - Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com - IP: 172.67.206.19 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/8e598fb6-f485-476a-8c2e-a87f929d9016 - PhishDestroy: https://phishdestroy.io/domain/proposal-usdai.org/ - LLM endpoint: https://phishdestroy.io/domain/proposal-usdai.org/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/proposal-usdai.org/ Last updated: 2026-03-26