# rutorforum.biz — SUSPICIOUS

> rutorforum.biz poses a credential theft threat with 0/95 VirusTotal detections. Registered February 21, 2024, via NICENIC INTERNATIONAL GROUP CO., LIMITED.

## Summary
PhishDestroy identifies rutorforum.biz as a credential theft site designed to trick users into revealing sensitive login information. The domain mimics legitimate forums to harvest usernames and passwords, potentially granting attackers access to personal accounts, emails, or financial platforms. This type of attack often leads to identity theft, unauthorized transactions, or further phishing campaigns targeting the victim's contacts.

This domain was flagged with 0 detections out of 95 VirusTotal scans as of the latest assessment. It was registered on February 21, 2024, through NICENIC INTERNATIONAL GROUP CO., LIMITED, a registrar commonly used for bulk or low-cost domain registrations. The site resolves to IP 188.114.97.3 and holds an SSL certificate from Google Trust Services, which attackers often exploit to appear legitimate.

If you visited rutorforum.biz, immediately change passwords for any accounts where you entered credentials. Enable two-factor authentication (2FA) on those accounts if available. Scan your device for malware using reputable antivirus software, as credential theft sites may deploy keyloggers or other spyware. Avoid clicking on any links or downloading files from the site, and consider reporting the domain to your local cybercrime unit or platforms like Google Safe Browsing.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2024-02-21 14:53:09
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/29e4ba18-6ac3-47ca-860d-e569096981c5
- PhishDestroy: https://phishdestroy.io/domain/rutorforum.biz/
- LLM endpoint: https://phishdestroy.io/domain/rutorforum.biz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/rutorforum.biz/
Last updated: 2026-03-26