# trustwallet.promo — SUSPICIOUS > PhishDestroy identifies trustwallet.promo as a counterfeit Trust Wallet site luring cryptocurrency users. ## Summary PhishDestroy identifies the domain trustwallet.promo as an active brand-impersonation scam targeting Trust Wallet users. This fraudulent site mimics Trust Wallet’s branding to deceive visitors into entering wallet recovery phrases or private keys, risking direct theft of cryptocurrency assets. PhishDestroy’s analysis reveals that trustwallet.promo was registered on April 02, 2026, through PDR Ltd. d/b/a PublicDomainRegistry.com, and currently resolves to IP address 172.67.75.44. The domain is already blocked by multiple security vendors including SEAL and MetaMask, and has been listed on 2 separate phishing blocklists. Critically, VirusTotal currently shows 0 detections out of 95 security engines, indicating that most antivirus systems have not yet flagged this threat. This domain employs a classic phishing playbook: it uses a lookalike domain (trustwallet.promo) to exploit user trust in the legitimate Trust Wallet brand. The SSL certificate issued by Let’s Encrypt may further convince visitors of its legitimacy. The site’s recent creation date—just days ago—suggests an opportunistic campaign likely timed to coincide with market activity or promotional events. While 0 detections on VirusTotal is not uncommon for newly launched phishing sites, the presence on two blocklists and blocks by SEAL and MetaMask indicate early detection by specialized security systems. The absence of detections also underscores the importance of proactive threat intelligence over reactive scanning. Users who have visited trustwallet.promo are strongly advised to take immediate action. First, disconnect any device used to access the site from the internet. Next, check for downloaded files or unauthorized browser extensions. If you entered any wallet recovery phrase, private key, or password on the site, transfer remaining funds to a new wallet immediately using only verified, official applications. Report the incident to Trust Wallet’s official support channels and consider revoking any exposed credentials. Always verify website URLs and use bookmarks or official apps for wallet access—never follow links from emails or ads. Staying vigilant and using layered security tools like browser security extensions can prevent further exposure. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Trust Wallet ## Domain Intelligence - Registered: 2026-04-02 21:41:50 - Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com - IP: 172.67.75.44 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 2 hits Lists: ["SEAL", "MetaMask"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/trustwallet.promo - PhishDestroy: https://phishdestroy.io/domain/trustwallet.promo/ - LLM endpoint: https://phishdestroy.io/domain/trustwallet.promo/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/trustwallet.promo/ Last updated: 2026-04-04