# trezor.io-app.online — MALICIOUS

> trezor.io-app.online is a high-risk phishing domain now offline. Stay vigilant and verify site legitimacy to protect your credentials.

## Summary
PhishDestroy identifies trezor.io-app.online as a high-risk phishing domain targeting users under the guise of a legitimate service. Classified under generic phishing threats, this domain was designed to deceive users by mimicking trusted brands, potentially harvesting sensitive information such as login credentials and financial data.

Technical analysis reveals that trezor.io-app.online was registered on February 21, 2026, through a now-defunct registrar, indicating possible use of disposable or dead domain infrastructure often favored by threat actors to avoid detection. The domain was flagged by 12 out of 95 security vendors on VirusTotal and appeared on four separate security blocklists, reinforcing its malicious reputation. These indicators highlight the domain's association with phishing campaigns and its role in cybercriminal activity.

Currently, trezor.io-app.online is offline, reflecting effective takedown efforts by security teams and domain registrars. Despite its removal, users are urged to remain cautious and verify URLs carefully to prevent falling victim to similar phishing attempts. PhishDestroy continues to monitor such threats and advises organizations to implement strong email filtering and user awareness training to mitigate risks posed by phishing domains.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Target brand: Trezor
- Page title: Trezor Suite App (Official) | The Secure Hub for All Your Digital Assets

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- IP: 66.33.60.129
- IP Country: US
- IP City: Walnut
- IP Org: AS16509 Amazon.com, Inc.
- SSL Issuer: R10

## Detection Status
- VirusTotal: 12 vendors flagged
  Vendors: ["alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Seclookup", "SOCRadar", "Sophos", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/0198f19f-5a87-7555-8aa4-989087875517.png
- PhishDestroy: https://phishdestroy.io/domain/trezor.io-app.online/
- LLM endpoint: https://phishdestroy.io/domain/trezor.io-app.online/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/trezor.io-app.online/
Last updated: 2026-03-18