# pumpcashback.fun — SUSPICIOUS > PhishDestroy identifies pumpcashback.fun as a generic phishing site posing as a cashback offer. Created on March 07, 2026, it currently shows 0/95 VirusTotal. ## Summary PhishDestroy identifies pumpcashback.fun as a generic phishing domain designed to trick visitors into believing it offers legitimate cashback rewards. The site mimics trusted finance or retail promotions to harvest login credentials, payment details, or personal identity information. Once a user lands on the page, the threat actor behind the domain may deploy fake forms, credential harvesters, or drive-by downloads that install malware without the user’s awareness. Because the infrastructure is still young and AV coverage remains low at 0 out of 95 engines on VirusTotal, the campaign may expand quickly before broader detection signatures are released by security vendors. This domain was flagged by PhishDestroy with the unique seed identifier 5d4215. Technical indicators show it was registered through ENOM, INC. on March 07, 2026, and resolves to the IP address 172.67.221.149. Notably, the domain has acquired a valid SSL certificate issued by Google Trust Services, which can create a false sense of security in visitors. Despite its low detection rate—currently 0 detections out of 95 scans on VirusTotal as of seed 5d4215—this domain should be treated as actively malicious until proven otherwise. Its recent registration date and unflagged status make it a high-priority candidate for future phishing operations. If you have visited pumpcashback.fun, assume your data may have been exposed. Immediately stop using any login credentials entered on the site and change those passwords on a separate, trusted device. Scan your system with updated antivirus software and consider initiating fraud alerts or credit freezes if financial information was submitted. Report the domain to your organization’s security team or to PhishDestroy using seed 5d4215 for further analysis. Disconnect from untrusted networks and monitor account activity for signs of identity theft or unauthorized transactions for the next 30 days. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-07 01:12:52 - Registrar: ENOM, INC. - IP: 172.67.221.149 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/8794b2a1-1b43-4b10-bd81-b129e3dcc0ac - PhishDestroy: https://phishdestroy.io/domain/pumpcashback.fun/ - LLM endpoint: https://phishdestroy.io/domain/pumpcashback.fun/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/pumpcashback.fun/ Last updated: 2026-03-22