# ravenstoneconstruction.com — MALICIOUS > ravenstoneconstruction.com impersonates Aave in a fake giveaway scam. Flagged by 19/95 VirusTotal vendors. Check the full report. ## Summary PhishDestroy identifies ravenstoneconstruction.com as a high-risk domain actively engaged in cryptocurrency fraud by impersonating the Aave decentralized finance platform. This site leverages brand hijacking to deceive users into believing they are interacting with an official Aave initiative, most likely through a fake giveaway or investment opportunity designed to steal cryptocurrency assets. The fraudulent domain employs social engineering tactics by mimicking legitimate branding and integrating spoofed trust signals such as a fraudulent SSL certificate issued by Sectigo Limited. Domain resolution to IP 199.188.201.195 further confirms malicious infrastructure hosting the impersonation page, which is deliberately structured to exploit user trust in recognized DeFi protocols. This domain was flagged by 19 out of 95 VirusTotal security vendors, blocked by two independent threat intelligence platforms (Maltrail and InversionDNS), and classified as SOCIAL_ENGINEERING by Google Safe Browsing. Registered on October 15, 2024 through NAMECHEAP INC, ravenstoneconstruction.com exhibits all hallmarks of a newly established malicious domain targeting unsuspecting crypto users. The combination of recent registration date, low reputation, and association with a widely recognized DeFi brand elevates the risk profile significantly, indicating this is not a random phishing attempt but a targeted brand impersonation campaign. Users who have visited ravenstoneconstruction.com should immediately cease any interaction with the site and avoid entering wallet credentials, private keys, or personal information. Clear browser cache and cookies related to this domain, and consider running a full malware scan on the device used to access the site. If any cryptocurrency was sent or exposed during the visit, report the incident to the respective blockchain explorer and consider revoking any token approvals via tools like revoke.cash. Users are advised to only interact with Aave through its verified domains (aave.com or app.aave.com) and to verify any communication via official Aave social channels before taking any action. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) - Target brand: Aave ## Domain Intelligence - Registered: 2024-10-15 17:05:58 - Registrar: NAMECHEAP INC - IP: 199.188.201.195 ## Detection Status - VirusTotal: 19 vendors flagged - Google Safe Browsing: FLAGGED - Blocklists: 2 hits Lists: ["Maltrail", "InversionDNS"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/76a78cf5-5628-4b6d-af89-c70b424834ab - PhishDestroy: https://phishdestroy.io/domain/ravenstoneconstruction.com/ - LLM endpoint: https://phishdestroy.io/domain/ravenstoneconstruction.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/ravenstoneconstruction.com/ Last updated: 2026-03-22