# sync-aml.com — MALICIOUS

> sync-aml.com is a high-risk phishing domain currently offline. Avoid interacting with this site to protect your personal data and devices.

## Summary
PhishDestroy identifies sync-aml.com as a high-risk generic phishing domain designed to deceive users into divulging sensitive information. The domain was registered recently on February 21, 2026, and is associated with fraudulent activities aimed at data theft. Due to its phishing classification, users should exercise caution and refrain from engaging with any communication or links related to this domain.

Technical analysis reveals that sync-aml.com appeared on six distinct security blocklists and was flagged in one AlienVault OTX threat pulse, indicating suspicious activity tied to malicious campaigns. VirusTotal analysis shows 16 out of 95 participating security vendors have recognized the domain as malicious, underlining its threat potential. The domain was registered using Dynadot LLC, a common registrar used by malicious actors for quick deployment of phishing operations.

Currently, sync-aml.com has been taken offline, mitigating immediate risks to internet users. PhishDestroy advises users to avoid this domain entirely and remain vigilant against phishing attempts that may reuse similar domain patterns or infrastructure. Continuous monitoring is recommended to track any resurgence or related malicious activities stemming from this threat actor.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Scam type: AML Scam
- Page title: sync-aml.com

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Dynadot LLC
- Country: US
- Nameservers: ["ns1.dyna-ns.net", "ns2.dyna-ns.net"]

## Detection Status
- VirusTotal: 16 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "Seclookup", "SOCRadar", "Sophos", "VIPRE"]
- Google Safe Browsing: clean
- Blocklists: 6 hits
  Lists: ["PhishDestroy", "MetaMask", "Polkadot", "SEAL", "Enkrypt", "Codeesura"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c555b-0404-756b-a914-c0dcf1a86a02.png
- PhishDestroy: https://phishdestroy.io/domain/sync-aml.com/
- LLM endpoint: https://phishdestroy.io/domain/sync-aml.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/sync-aml.com/
Last updated: 2026-03-19