# swotai.org — SUSPICIOUS

> swotai.org poses as a legitimate service to steal login credentials; flagged by Google Safe Browsing for social engineering. Resolves to 188.114.96.

## Summary
PhishDestroy identifies swotai.org as an active credential harvesting domain currently under investigation for generic phishing activities. The infrastructure is designed to impersonate a legitimate service and lure users into submitting sensitive login information.  

This domain was flagged by Google Safe Browsing for SOCIAL_ENGINEERING and remains undetected by 0 of 95 VirusTotal security vendors as of the latest scan. It resolves to IP 188.114.96.3, utilizes a Google Trust Services SSL certificate, and was registered through Spaceship, Inc. on April 01, 2025. The domain has already been blocked by SEAL and MetaMask and appears on 2 additional security blocklists. Despite its recent creation, its combination of trust scores and lack of vendor detection raises significant concerns.  

The domain’s immediate risk is assessed as active and evolving, with the primary threat being credential theft through fraudulent login pages. Users are strongly advised to avoid accessing swotai.org, verify any suspicious URLs through trusted sources, and report encounters to security teams or browser safety programs. Organizations should consider blocking this domain at the network perimeter and monitoring endpoints for signs of credential exposure.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-04-01 06:25:55
- Registrar: Spaceship, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 2 hits
  Lists: ["SEAL", "MetaMask"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/swotai.org
- PhishDestroy: https://phishdestroy.io/domain/swotai.org/
- LLM endpoint: https://phishdestroy.io/domain/swotai.org/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/swotai.org/
Last updated: 2026-04-04