# tenzot.icu — MALICIOUS

> tenzot.icu was a phishing domain posing as a security checkpoint page. Stay vigilant and avoid interacting with this domain to protect your credentials.

## Summary
PhishDestroy identifies tenzot.icu as a generic phishing domain designed to deceive users by presenting a fake "Security Check" page. This domain's intent was to trick victims into submitting sensitive information under the guise of a routine verification process. The campaign does not appear to impersonate a specific well-known brand but leverages generic security themes to lure targets.

Technical indicators include the domain's creation date of March 04, 2026, registered via NiceNIC International Group Co., Limited. The domain was flagged by 5 out of 95 security vendors on VirusTotal and listed on one security blocklist, indicating moderate detection by cybersecurity services. The page title "Security Check" was likely used to mimic legitimate security verification screens, a common tactic in phishing schemes to increase user trust.

Currently, tenzot.icu is offline and no longer accessible, reducing its threat risk. Nonetheless, users and organizations should remain cautious of similar phishing attempts that leverage generic security themes. Blocking and monitoring such domains is recommended to prevent credential theft and other forms of fraud. PhishDestroy continues to monitor for related campaigns using similar tactics or infrastructure.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Page title: Security Check

## Domain Intelligence
- Registered: 2026-03-04 17:15:03
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- SSL Issuer: R12

## Detection Status
- VirusTotal: 5 vendors flagged
  Vendors: ["CyRadar", "Fortinet", "Gridinsoft", "Kaspersky", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cba43-1967-71ee-888c-88aec407d57c.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/tenzot.icu
- PhishDestroy: https://phishdestroy.io/domain/tenzot.icu/
- LLM endpoint: https://phishdestroy.io/domain/tenzot.icu/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/tenzot.icu/
Last updated: 2026-03-19