# todamex.com — SUSPICIOUS

> Todamex.com poses risks by impersonating MEXC. Avoid sharing personal info and never engage with this suspicious offline domain.

## Summary
PhishDestroy identifies todamex.com as a medium-risk phishing domain impersonating the well-known crypto brand MEXC. This deceptive site falsely claims to be a popular online crypto casino based on blockchain technology to lure users into trusting it. Although currently offline, todamex.com had raised red flags due to its creation date being set in the future (March 02, 2026) and its poor trust scores, suggesting fraudulent intent.

The phishing technique used by todamex.com relies on brand impersonation to trick users into believing they are interacting with MEXC. By mimicking MEXC’s reputation and crypto-related offerings, it aims to capture sensitive credentials, financial details, or install malware. Security checks show the domain appeared on a security blocklist and was flagged by 4 out of 95 VirusTotal vendors, indicating partial consensus on its malicious behavior. It resolved to an IP address associated with suspicious activity and was registered through NiceNIC International Group Co., Limited.

Users who have visited todamex.com should immediately cease any communication or transactions linked to this site. It is crucial to change passwords related to any accounts that might have been compromised, especially on crypto platforms. Running a thorough malware scan on devices is recommended to detect potential infections. Always verify domain authenticity before entering personal or financial information and consult trusted security resources like PhishDestroy for current threat updates.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Target brand: MEXC
- Page title: Todamex: Most Popular Online Crypto Casino Based on Blockchain

## Domain Intelligence
- Registered: 2026-03-02 15:00:01
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: heather.ns.cloudflare.com rick.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 4 vendors flagged
  Vendors: ["Fortinet", "Gridinsoft", "Netcraft", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://i.ibb.co/Kjjyh75G/3bf82f504cfa.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/adb74569-fb48-4ea8-9aff-4aa79aafe718
- PhishDestroy: https://phishdestroy.io/domain/todamex.com/
- LLM endpoint: https://phishdestroy.io/domain/todamex.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/todamex.com/
Last updated: 2026-03-19