# publicstart-usa.zapier.app — MALICIOUS

> Beware: publicstart-usa.zapier.app poses as a fake Trezor wallet login. This crypto drainer has been flagged by 12/95 security vendors.

## Summary
This domain, publicstart-usa.zapier.app, is actively hosting a fraudulent Trezor wallet login page designed to steal cryptocurrency. When users attempt to log in, their credentials and seed phrases are harvested by the threat actor, who then drains associated crypto funds. The page mimics the official Trezor.io domain with decoy text like 'Trézor.io/Start® - Official®' to appear legitimate, but any input entered on this site is compromised. Never trust unsolicited links purporting to lead to wallet login pages—always navigate to official sources directly.  This domain was recently flagged with a high-risk status. PublicStart-USA.zapier.app resolves to IP 64.239.123.193 and is flagged by 12 of 95 VirusTotal security vendors. It uses a Let’s Encrypt SSL certificate to appear trustworthy and features a misleading page title exploiting the Trezor brand. The domain is hosted on Zapier’s app subdomain, a tactic commonly used to bypass traditional security filters.  If you visited this site or entered any information, immediately revoke access to your Trezor wallet via the official app or website. Transfer any remaining funds to a newly generated wallet address. Scan your device for malware using reputable antivirus tools. Report the domain to PhishDestroy and avoid similar URLs in the future. Always verify wallet login pages by visiting the official domain manually—never through links received via email, social media, or third-party sites.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP ?)
- Page title: Trézor.io/Start® - Official®

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 64.239.123.193

## Detection Status
- VirusTotal: 12 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/5283eb9f-8517-412a-a447-e7e577f46634
- PhishDestroy: https://phishdestroy.io/domain/publicstart-usa.zapier.app/
- LLM endpoint: https://phishdestroy.io/domain/publicstart-usa.zapier.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/publicstart-usa.zapier.app/
Last updated: 2026-04-14