# s.team-my.com — SUSPICIOUS > s.team-my.com is a Microsoft 365 phishing page detected on April 3rd, 2026. Blocked by OpenPhish & PhishingArmy. Check the full report. ## Summary PhishDestroy identifies s.team-my.com as an active phishing domain designed to impersonate Microsoft login pages, tricking users into surrendering account credentials. This site mimics legitimate Microsoft 365 login flows, harvesting usernames and passwords under the guise of security verification. The domain leverages urgency tactics—such as expired accounts or suspicious login alerts—to rush victims into action without scrutiny. Once credentials are entered, attackers gain access to sensitive data, enabling follow-on attacks like email hijacking, data theft, or corporate espionage. This scam preys on users’ trust in familiar brands, making it particularly dangerous for both individuals and organizations relying on Microsoft services for daily operations. PhishDestroy’s investigation reveals that s.team-my.com was registered on April 3, 2026, through TUCOWS.COM, CO., a common domain registrar used by threat actors to obscure ownership. The domain resolves to IP address 2.57.91.104 and currently holds a valid SSL certificate issued by Let’s Encrypt, which may falsely reassure visitors of its legitimacy. Despite being flagged by OpenPhish and PhishingArmy, VirusTotal reports 0 detections out of 95 engines, highlighting the lag between scam deployment and detection updates. The domain’s recency—created just months ago—suggests it is part of a rapidly evolving campaign, likely targeting Microsoft users during peak productivity periods like tax season or end-of-quarter reporting. Technical indicators, such as the mismatch between the domain’s name (s.team-my.com) and Microsoft’s official domains (e.g., microsoftonline.com), further expose its fraudulent nature. If you visited s.team-my.com and entered any credentials, act immediately to secure your account. First, change your Microsoft password from a trusted device and enable multi-factor authentication (MFA) if not already active. Scan your device for malware using reputable antivirus software, as attackers may have deployed keyloggers or backdoors during the phishing interaction. Report the incident to Microsoft via their official phishing reporting portal (phishing@microsoft.com) and notify your organization’s IT team if the account is tied to work. Monitor email inboxes and financial accounts for unusual activity, as compromised Microsoft accounts often serve as entry points for broader attacks. To avoid future scams, verify URLs before logging in, hover over links to check destinations, and use password managers that auto-fill only on verified domains. Always access Microsoft services directly via microsoft.com or trusted bookmarks, never through unsolicited emails or third-party links. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-04-03 23:58:20 - Registrar: TUCOWS.COM, CO. - IP: 2.57.91.104 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 2 hits Lists: ["OpenPhish", "PhishingArmy"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/s.team-my.com - PhishDestroy: https://phishdestroy.io/domain/s.team-my.com/ - LLM endpoint: https://phishdestroy.io/domain/s.team-my.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/s.team-my.com/ Last updated: 2026-04-06