# rewards-x.com — SUSPICIOUS > Security alert: rewards-x.com impersonates a rewards program via phishing. VirusTotal score 0/95 — check the full report. ## Summary PhishDestroy identifies rewards-x.com as a newly active generic phishing domain designed to deceive users into surrendering personal or financial information under the guise of a rewards program incentive. While the specific brand or platform being impersonated remains unverified, the domain structure (rewards-x.com) suggests a lure targeting users expecting promotional offers or loyalty points redemptions. The absence of a recognized drainer kit in open-source intelligence implies a reliance on low-complexity social engineering tactics, such as urgency (limited-time offer) or mimicry of established reward platforms. The threat actor’s objective appears to be credential harvesting or payment data theft through spoofed login portals or fake forms. This domain was flagged with a VirusTotal detection score of 0 out of 95 engines, indicating it has not yet been blacklisted or analyzed by a majority of AV vendors—posing an elevated risk for early-stage cyber campaigns. Technical indicators include registration through Gname.com Pte. Ltd., a Singapore-based registrar known for anonymous bulk registrations. The domain resolves to IP address 176.123.0.55, a hosting provider associated with low-reputation IP blocks and shared among phishing campaigns. Registered on April 26, 2025, the domain holds a valid Let’s Encrypt SSL certificate, increasing user trust and reducing browser warning visibility. No entries were found on Google Safe Browsing (GSB) or major blocklists as of latest checks. At present, rewards-x.com remains active and unblocked across most security platforms due to its recency and low detection footprint. The threat is classified as 'under_investigation'—suggesting incomplete attribution or ongoing analysis by threat intel teams. Users are advised to avoid interaction with this domain and report it via browser extensions or threat intelligence feeds. Organizations should configure network defenses to block access to 176.123.0.55 and monitor for derivatives of this domain pattern (e.g., rewards-x.net). Remaining risk is MEDIUM due to high potential for user deception and low current detection coverage—escalating if the site transitions to a live credential-harvesting portal. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2025-04-26 06:33:47 - Registrar: Gname.com Pte. Ltd. - IP: 176.123.0.55 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/rewards-x.com - PhishDestroy: https://phishdestroy.io/domain/rewards-x.com/ - LLM endpoint: https://phishdestroy.io/domain/rewards-x.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/rewards-x.com/ Last updated: 2026-04-07