# team-coinbase.store — MALICIOUS

> team-coinbase.store poses a serious brand impersonation threat, mimicking Coinbase to deceive users. Learn about its risks and current status.

## Summary
PhishDestroy identifies team-coinbase.store as a high-risk domain engaged in brand impersonation targeting Coinbase. The site attempts to mislead users by adopting a title closely resembling the legitimate Coinbase platform, aiming to exploit trust in cryptocurrency transactions.

Supporting evidence includes its recent creation date on February 21, 2026, and resolution to an IP address known for suspicious hosting activity. The domain appears on two security blocklists and has been flagged by 14 out of 95 VirusTotal security vendors, indicating significant consensus on its malicious nature. The page title "Coinbase: Buy and Sell Bitcoin Securely | Coin Base" is crafted to confuse users into believing the site is legitimate.

Users are advised to avoid any interaction with this domain as it remains active and continues to pose a threat. Employing updated security solutions and verifying URLs before engaging in financial transactions can mitigate risk. PhishDestroy continues to monitor this domain to protect users from potential scams and phishing attacks.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Target brand: Coinbase
- Page title: Coinbase: Buy and Sell Bitcoin Securely | Coin Base

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- IP: 34.120.137.41
- IP Country: US
- IP City: Kansas City
- IP Org: AS396982 Google LLC
- SSL Issuer: E8

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Google Safebrowsing", "Lionic", "Seclookup", "SOCRadar", "Sophos"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019afa3a-f3a6-748a-b392-5cc924f90323.png
- PhishDestroy: https://phishdestroy.io/domain/team-coinbase.store/
- LLM endpoint: https://phishdestroy.io/domain/team-coinbase.store/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/team-coinbase.store/
Last updated: 2026-03-19