# sumeshofficial.github.io — MALICIOUS

> sumeshofficial.github.io is a fake giveaway phishing site flagged by 18/95 VirusTotal engines. Learn what it pretends to be and how to stay safe.

## Summary
PhishDestroy identifies sumeshofficial.github.io as a high-risk fake giveaway phishing site currently active and actively targeting unsuspecting visitors.

This domain was flagged by Google Safe Browsing for social engineering tactics and is detected by 18 out of 95 VirusTotal security vendors as malicious. The site resolves to IP 185.199.108.153, uses a Let's Encrypt SSL certificate for legitimacy appearance, and is hosted on GitHub Pages, which makes it harder to distinguish from legitimate content. The domain was registered through GitHub, Inc., which does not require traditional domain registration details like creation date, making it difficult to trace origins.

If you visited sumeshofficial.github.io, do not enter any personal information, download anything, or click on any links. The site likely mimics a legitimate giveaway or promotional offer to trick users into revealing login credentials, financial details, or installing malware. Disconnect from the internet if you suspect compromise, run a full antivirus scan, and change passwords for any accounts you may have used on the site. Report the domain to your browser provider or security vendor to help block future access. Avoid interacting with any pop-ups or unexpected requests that appear after visiting this domain.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: GitHub, Inc.
- IP: 185.199.108.153

## Detection Status
- VirusTotal: 18 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/bf563cc0-f9b5-4af3-8c9a-a8ee3a9c9ee0
- PhishDestroy: https://phishdestroy.io/domain/sumeshofficial.github.io/
- LLM endpoint: https://phishdestroy.io/domain/sumeshofficial.github.io/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/sumeshofficial.github.io/
Last updated: 2026-03-24