# tusbeneficioscmr.com — MALICIOUS

> Avoid tusbeneficioscmr.com: flagged as a high-risk phishing site. Do not enter personal info or credentials on this active threat domain.

## Summary
PhishDestroy identifies tusbeneficioscmr.com as a high-risk generic phishing domain. Classified under the phishing threat category, it aims to deceive users into divulging sensitive information. The domain was registered recently on March 04, 2026, via PDR Ltd. d/b/a PublicDomainRegistry.com, which is commonly used by malicious actors to obscure ownership.

Technical indicators show this domain is currently resolving to the IP address 69.6.225.181. Analysis via VirusTotal reveals that 19 out of 95 security vendors have flagged tusbeneficioscmr.com, adding to the credibility of this domain as a phishing threat. Moreover, it appears on at least one security blocklist, reinforcing its malicious reputation. This infrastructure snapshot provides vital cues for network defenses and endpoint protections to block or monitor traffic to this IP and domain.

As of now, tusbeneficioscmr.com remains active and continues to pose a significant risk to users. Immediate caution is advised when encountering this domain, and it should be blocked or blacklisted in corporate and personal security setups. PhishDestroy recommends users avoid interacting with the domain and security teams incorporate its indicators of compromise into their threat intelligence feeds to prevent potential credential theft or fraud.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Page title: Banco Falabella

## Domain Intelligence
- Registered: 2026-03-06 11:07:01
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- Country: IN
- IP: 69.6.225.181
- IP Country: CL
- IP City: Valparaíso
- IP Org: AS31898 Oracle Corporation
- Nameservers: dns3.hostgator.com.br dns4.hostgator.com.br
- SSL Issuer: none

## Detection Status
- VirusTotal: 19 vendors flagged
  Vendors: ["Criminal IP", "alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "DNS8", "ESET", "Emsisoft", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "Netcraft", "SOCRadar", "Sophos", "Trustwave", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cc287-fccc-708a-ba9b-1bc34ea554b9.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/tusbeneficioscmr.com
- PhishDestroy: https://phishdestroy.io/domain/tusbeneficioscmr.com/
- LLM endpoint: https://phishdestroy.io/domain/tusbeneficioscmr.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/tusbeneficioscmr.com/
Last updated: 2026-03-16