# schneidergroup.live — SUSPICIOUS > Beware: SchneiderGroup.live is a newly detected credential-harvesting phishing site. VirusTotal shows 0/95 detections (Apr 05, 2026). Check the full report. ## Summary PhishDestroy identifies SchneiderGroup.live as an active credential-harvesting phishing domain designed to mimic legitimate business portals and steal user login details. The site poses as a corporate authentication page to trick employees or clients into entering sensitive credentials that are immediately harvested by attackers. This is not a generic phishing attempt — it is a targeted deception aimed at compromising accounts under the false pretense of accessing Schneider Group services. PhishDestroy’s investigation reveals that SchneiderGroup.live was registered on April 05, 2026, through HOSTINGER operations, UAB and currently resolves to IP address 91.247.36.170. The domain uses a valid Let’s Encrypt SSL certificate to appear legitimate, while VirusTotal currently shows 0 detections out of 95 security engines — indicating this threat remains largely undetected by antivirus systems. The domain is classified as active and under investigation, with a unique seed identifier of 450ac0 assigned for tracking. If you visited SchneiderGroup.live or entered any login credentials, assume your data may have been compromised. Immediately change passwords used on or related to this site, enable multi-factor authentication where possible, and scan your device for malware. Report suspicious activity to your IT team and monitor accounts for unauthorized access. Avoid reusing passwords across different services, as attackers often use harvested credentials to access multiple accounts. Stay alert and verify domains carefully before entering sensitive information. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-04-05 12:15:18 - Registrar: HOSTINGER operations, UAB - IP: 91.247.36.170 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/schneidergroup.live - PhishDestroy: https://phishdestroy.io/domain/schneidergroup.live/ - LLM endpoint: https://phishdestroy.io/domain/schneidergroup.live/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/schneidergroup.live/ Last updated: 2026-04-06