# skybridgecreditunion.sbs — SUSPICIOUS > skybridgecreditunion.sbs is a fake credit union site pushing a credential drainer kit. It was registered on March 19, 2026, and is flagged by 2 of 95. ## Summary PhishDestroy identifies skybridgecreditunion.sbs as a fraudulent domain impersonating a legitimate financial institution to harvest user credentials. The site employs a drainer kit designed to mimic the branding and login flows of SkyBridge Credit Union, tricking visitors into submitting sensitive information under false pretenses. This tactic is commonly deployed to steal banking credentials, enabling attackers to initiate unauthorized transfers or open fraudulent accounts using compromised data. This domain was flagged on March 19, 2026, and resolves to IP 198.251.84.200. The registrar is Dynadot LLC, and the SSL certificate is issued by Let’s Encrypt, which does not validate the site’s legitimacy. VirusTotal analysis reveals 2 out of 95 security vendors detect its malicious nature, while Google Safe Browsing (GSB) has not yet blacklisted it. The low detection rate suggests this is a recently deployed campaign, leveraging minimal infrastructure to evade early detection. The domain’s recent creation and lack of historical data further indicate an opportunistic, short-lived operation aimed at capitalizing on unsuspecting users. The domain remains active as of the latest assessment, with no immediate takedown actions observed. Users should avoid interaction to mitigate risk of credential theft or financial loss. For safety, block this domain and IP at the network level, and report the site to relevant authorities such as Google Safe Browsing or your cybersecurity provider. Remaining risk is elevated due to the domain’s active status, low detection rates, and use of a deceptive financial brand, necessitating proactive avoidance and reporting to prevent further victimization. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-19 21:38:49 - Registrar: Dynadot LLC - IP: 198.251.84.200 ## Detection Status - VirusTotal: 2 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/fdb8a449-0256-4679-8e9a-a7223358a51b - PhishDestroy: https://phishdestroy.io/domain/skybridgecreditunion.sbs/ - LLM endpoint: https://phishdestroy.io/domain/skybridgecreditunion.sbs/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/skybridgecreditunion.sbs/ Last updated: 2026-03-23