# propose-curvefi.network — MALICIOUS

> propose-curvefi.network is a high-risk phishing site flagged by multiple security tools. Learn how to stay safe and avoid scams.

## Summary
PhishDestroy identifies propose-curvefi.network as a high-risk phishing domain designed to deceive users into divulging sensitive information. Although the domain is currently offline, it posed a significant threat due to its malicious intent and presence on multiple security blocklists. Users should remain vigilant as phishing sites like this often mimic legitimate services to exploit unsuspecting victims.

This phishing operation typically works by impersonating trusted financial platforms, tricking users into entering private credentials such as usernames, passwords, or wallet keys. The domain was registered through a dead domain service and became active on February 21, 2026, raising suspicion due to its recent creation and malicious activities flagged by 14 out of 95 VirusTotal security vendors. This tactic enables attackers to harvest sensitive data for fraudulent transactions or identity theft.

If a user has inadvertently visited propose-curvefi.network, immediate action is recommended. They should avoid interacting with any prompts or submitting personal details. It is crucial to run a full antivirus scan, change any passwords associated with compromised accounts, and monitor financial statements for unusual activity. Reporting the incident to relevant security authorities and updating browser security settings can also help prevent future exposure to similar threats.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Target brand: Curve
- Page title: Vote - Curve

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- IP: 213.111.154.75
- SSL Issuer: R11

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Seclookup", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/0198abe3-ec86-7442-9b76-eab6eb4d20d0.png
- PhishDestroy: https://phishdestroy.io/domain/propose-curvefi.network/
- LLM endpoint: https://phishdestroy.io/domain/propose-curvefi.network/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/propose-curvefi.network/
Last updated: 2026-03-17