# sahara-ai.digital — SUSPICIOUS

> Discover the risks behind sahara-ai.digital phishing site. Learn how it worked and what to do if you visited this suspicious domain.

## Summary
PhishDestroy identifies sahara-ai.digital as a phishing domain that posed a low-level risk before being taken offline. Although its threat level was low, users could still be exposed to deceptive attempts to steal personal information. Phishing sites like this often impersonate legitimate services to trick visitors.

This phishing operation used sahara-ai.digital to lure victims into providing sensitive data by presenting fake interfaces or fraudulent messages. Its domain was newly created and flagged on multiple security blocklists, indicating suspicious activity. Despite being registered through a dead domain registrar, some security vendors detected malicious intent, leading to its removal.

If someone visited sahara-ai.digital, it is advisable to avoid entering any personal or financial information. Users should run a full antivirus scan and monitor accounts for unusual activity. Changing passwords and enabling multi-factor authentication can further protect against potential identity theft or fraud resulting from exposure to this phishing site.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 530)
- Page title: Sahara AI: OKX Airdrop

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Dead domain
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["CRDF", "Gridinsoft"]
- Google Safe Browsing: clean
- Blocklists: 4 hits
  Lists: ["PhishDestroy", "MetaMask", "ScamSniffer", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019852c0-f072-754a-8498-ef0f32aa0e75.png
- PhishDestroy: https://phishdestroy.io/domain/sahara-ai.digital/
- LLM endpoint: https://phishdestroy.io/domain/sahara-ai.digital/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/sahara-ai.digital/
Last updated: 2026-03-17