# trustpromo.org — SUSPICIOUS

> Trustpromo.org is a newly uncovered credential-harvesting domain registered April 2nd, 2026. Flagged by 0 of 95 VirusTotal vendors, this site lures users with.

## Summary
PhishDestroy identifies trustpromo.org as an active, generic phishing domain posing as a promotional rewards portal. The domain is currently classified as under investigation with an 'active' status, indicating active use in malicious campaigns. No specific brand is being impersonated at this time; the threat is a standalone lure designed to deceive users into entering sensitive information such as login credentials, payment details, or personal data.

This domain was flagged by 0 of 95 VirusTotal vendors as of seed 55c29a. It was registered through Ultahost, Inc., resolves to IP address 89.187.73.112, and was created on April 02, 2026. The domain holds a valid SSL certificate issued by Let’s Encrypt, which may increase user trust and lower suspicion during initial interactions. Additional threat intelligence indicates no current blocklist presence, further supporting the need for proactive monitoring and user awareness.

Users are strongly advised to avoid visiting trustpromo.org or clicking any links associated with this domain. Organizations should ensure email filtering rules, DNS sinkholes, and endpoint detection systems are updated to block traffic to 89.187.73.112. Report suspicious emails or domains to your security team or relevant abuse channels, such as Let’s Encrypt or Ultahost, to aid in takedown efforts. Stay vigilant and verify promotional offers directly through official brand channels before engagement.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-04-02 17:37:18
- Registrar: Ultahost, Inc.
- IP: 89.187.73.112

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/trustpromo.org
- PhishDestroy: https://phishdestroy.io/domain/trustpromo.org/
- LLM endpoint: https://phishdestroy.io/domain/trustpromo.org/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/trustpromo.org/
Last updated: 2026-04-06