# rizzvs.vip — SUSPICIOUS

> PhishDestroy identifies rizzvs.vip as an active crypto drainer posing as a 'rizz' giveaway scam. Registered March 22, 2026, it hosts malicious scripts that.

## Summary
PhishDestroy identifies rizzvs.vip as an active crypto drainer posing as a fake 'rizz'-themed giveaway scam. This domain leverages social engineering tactics to trick users into connecting their cryptocurrency wallets under the false promise of rewards, only to drain funds directly. While no specific brand or drainer kit has been publicly linked to this domain, its behavior aligns with common crypto-draining operations that exploit viral trends to maximize victim engagement.  This domain resolves to IP 172.67.217.87 and was registered through Dynadot Inc on March 22, 2026. VirusTotal analysis shows that 2 out of 95 security vendors flagged this domain as malicious. The domain uses a Let's Encrypt SSL certificate, which is commonly abused by threat actors to appear legitimate. As of the latest assessment, this domain remains unblocked by Google Safe Browsing (GSB) and has not been widely listed on major threat intelligence blocklists, increasing its potential reach.  As of today, rizzvs.vip remains active and poses an elevated risk to users engaging with its content. PhishDestroy recommends immediate domain blocking at the network and endpoint levels. Users should avoid interacting with any links or QR codes associated with this domain. The lack of widespread blocklisting suggests this threat may still be in early propagation phases. Remaining risk is elevated due to the domain’s recent creation, active hosting, and use of legitimate-looking infrastructure. Continuous monitoring and proactive threat hunting are advised to prevent exposure.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-22 02:59:03
- Registrar: Dynadot Inc
- IP: 172.67.217.87

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/2886d693-77d6-4b26-8c14-8d53be42a09c
- PhishDestroy: https://phishdestroy.io/domain/rizzvs.vip/
- LLM endpoint: https://phishdestroy.io/domain/rizzvs.vip/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/rizzvs.vip/
Last updated: 2026-03-26