# t.gettrustpayment.live — SUSPICIOUS > PhishDestroy identifies t.gettrustpayment.live as a fake payment portal phishing domain hosting a replica of a legitimate checkout page. Resolves to IP 185.246. ## Summary PhishDestroy flags t.gettrustpayment.live as a generic phishing domain currently under investigation. This site poses as a trustworthy payment portal to harvest credit-card credentials and personal data from unsuspecting users. The threat is active and specific: credential theft under the guise of a payment verification page. This domain was flagged by PhishDestroy with a risk level of under investigation and a threat type of generic_phishing. Technical indicators include resolution to IP 185.246.190.216, an SSL certificate issued by Let’s Encrypt, and a current VirusTotal detection score of 0/95 engines. The domain’s creation date, registrar, and any presence on public blocklists are not yet confirmed in open-source intelligence feeds. Trust scores remain neutral due to the absence of historical telemetry and the short operational window. Mitigation steps for users encountering t.gettrustpayment.live are immediate and decisive. Close the browser tab or window without interacting with any form, link, or button on the page. Do not enter any payment card numbers, CVV codes, billing addresses, or personal identifiers. Clear browser cookies and cached data associated with the domain and run a reputable antivirus or anti-phishing scan. Report the domain to your browser vendor and to PhishDestroy’s abuse portal for rapid takedown. Forward any suspicious emails referencing this domain to your email provider’s security team to prevent further propagation. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 185.246.190.216 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/t.gettrustpayment.live - PhishDestroy: https://phishdestroy.io/domain/t.gettrustpayment.live/ - LLM endpoint: https://phishdestroy.io/domain/t.gettrustpayment.live/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/t.gettrustpayment.live/ Last updated: 2026-04-04