# secure-collab.land — SUSPICIOUS

> Credential phishing at secure-collab.land delivers fake collaboration portals. Blocked by Hagezi, VT 0/95. Check the full report.

## Summary
PhishDestroy identifies an active credential-phishing campaign impersonating a secure collaboration portal at secure-collab.land, harvesting login details under the guise of team file sharing.

This domain was flagged for credential phishing after VirusTotal returned 0 detections (0/95 engines) as of the March 24, 2026 creation date. The domain resolves to IP 188.114.96.3, is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED, and already appears on 2 security blocklists including Enkrypt and Hagezi.

If you visited or entered credentials, immediately change passwords on all accounts using the same login details and enable multi-factor authentication. Scan devices for malware, review account activity logs for unauthorized access, and avoid reusing passwords across services. Report the URL to your IT team or use PhishDestroy’s takedown portal to help block further abuse.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-24 07:35:26
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["Enkrypt", "Hagezi"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/secure-collab.land
- PhishDestroy: https://phishdestroy.io/domain/secure-collab.land/
- LLM endpoint: https://phishdestroy.io/domain/secure-collab.land/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/secure-collab.land/
Last updated: 2026-04-03