# sca.stakingrewards.biz — MALICIOUS > sca.stakingrewards.biz is a high-risk phishing domain flagged on multiple blocklists. Stay protected—avoid interacting with this site now. ## Summary PhishDestroy identifies sca.stakingrewards.biz as a high-risk generic phishing domain. The site masquerades under a misleading page title "Google" to deceive users seeking legitimate services. It was registered recently on September 16, 2025, indicating it is part of an emerging phishing campaign. The domain is classified as active and currently poses a significant threat to unsuspecting users. Technical analysis reveals that sca.stakingrewards.biz resolves to IP address 172.217.18.4, which is notable as it belongs to Google’s IP space, potentially used to create a false sense of legitimacy. The domain is registered via Dynadot LLC, a common registrar exploited by threat actors. It has been flagged on three separate security blocklists and is detected by 15 out of 95 VirusTotal antivirus engines, confirming its malicious nature. The deceptive page title and the domain’s recent creation date further support the phishing classification. The domain remains active and continues to be monitored closely by security researchers. Immediate caution is advised for users encountering this domain, as interaction could lead to credential theft or other forms of fraud. PhishDestroy recommends blocking access to sca.stakingrewards.biz and reporting any suspicious activity related to this domain. Continuous tracking of its infrastructure is essential to mitigate the evolving phishing threat linked to this site. ## Threat Details - Verdict: MALICIOUS - Site status: alive (HTTP 530) - Page title: Google ## Domain Intelligence - Registered: 2025-09-16 21:29:23 - Registrar: Dynadot LLC - Country: US - IP: 172.217.18.4 - SSL Issuer: WE2 ## Detection Status - VirusTotal: 15 vendors flagged Vendors: ["ADMINUSLabs", "ChainPatrol", "BitDefender", "CRDF", "CyRadar", "Fortinet", "G-Data", "Google Safebrowsing", "Gridinsoft", "Lionic", "Seclookup", "SOCRadar", "Sophos", "VIPRE", "Webroot"] - Google Safe Browsing: clean - Blocklists: 3 hits Lists: ["PhishDestroy", "MetaMask", "ScamSniffer"] ## Evidence - Screenshot: https://urlscan.io/screenshots/019bb7b7-61ff-7624-b32a-2f6e5da728d3.png - PhishDestroy: https://phishdestroy.io/domain/sca.stakingrewards.biz/ - LLM endpoint: https://phishdestroy.io/domain/sca.stakingrewards.biz/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/sca.stakingrewards.biz/ Last updated: 2026-03-19