# startofficial-trezo-io.zapier.app — MALICIOUS

> startofficial-trezo-io.zapier.app is a credential theft phishing domain flagged by 13/95 VirusTotal scanners.

## Summary
PhishDestroy identifies startofficial-trezo-io.zapier.app as an active credential theft phishing domain designed to harvest user login credentials under the guise of a legitimate service. The domain leverages the trusted 'zapier.app' subdomain to appear authentic while hosting a fraudulent login page that captures submitted credentials for malicious use. Threat actors frequently abuse cloud app subdomains like Zapier to bypass email security filters and social engineering defenses, making this campaign particularly effective against users expecting legitimate integrations.

This domain was flagged by 13 out of 95 VirusTotal security vendors, blocked by PhishingArmy and OISD blocklists, and resolves to IP 64.239.123.193. The SSL certificate issued by Let's Encrypt suggests an attempt to establish trust via HTTPS, despite the domain's malicious purpose. The active status combined with multiple blocklist detections indicates ongoing malicious operations rather than a newly registered or abandoned domain.

Users who visited startofficial-trezo-io.zapier.app should immediately change any credentials entered on the site, enable multi-factor authentication on all affected accounts, and scan devices for malware using updated antivirus software. Report the domain to your email provider and security team to help prevent further propagation. Avoid interacting with similar domains claiming to be official service integrations without independent verification through official channels.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 64.239.123.193

## Detection Status
- VirusTotal: 13 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishingArmy", "OISD"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/startofficial-trezo-io.zapier.app
- PhishDestroy: https://phishdestroy.io/domain/startofficial-trezo-io.zapier.app/
- LLM endpoint: https://phishdestroy.io/domain/startofficial-trezo-io.zapier.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/startofficial-trezo-io.zapier.app/
Last updated: 2026-04-02