# update365b.online — SUSPICIOUS > Beware: update365b.online is a fake Microsoft 365 credential phishing site. 1 security vendor flags it. ## Summary PhishDestroy identifies update365b.online as an active credential-phishing domain impersonating Microsoft 365 login pages to harvest corporate credentials. The domain was registered on March 27, 2026, and already exhibits risky behavior with 1 out of 95 VirusTotal security vendors flagging it as malicious. The site resolves to IP 145.79.213.135 via HOSTINGER operations, UAB and uses a Let’s Encrypt SSL certificate to appear legitimate. This domain combines several red flags: a recent creation date only days old, low detection coverage with just 1/95 positives on VirusTotal, hosting through a consumer-grade provider, and an IP address with mixed reputation. No public blocklists or threat-intel platforms currently list the domain, suggesting the campaign may still be in early deployment. The Let’s Encrypt certificate provides a false sense of security and is commonly abused in credential phishing to avoid browser warnings. Organizations and users should treat any login prompts linked to update365b.online as high-risk. Disable automatic forwarding from shortened URLs or email links that lead to this domain. Verify all login pages by manually navigating to the official Microsoft 365 portal rather than trusting embedded links. If credentials were entered, rotate passwords immediately, enable multi-factor authentication, and scan endpoints for follow-on compromise. Report indicators to PhishDestroy for blocking and threat analysis. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-27 10:12:20 - Registrar: HOSTINGER operations, UAB - IP: 145.79.213.135 ## Detection Status - VirusTotal: 1 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/bc93f4dc-0ac9-4927-810f-402291b8dee0 - PhishDestroy: https://phishdestroy.io/domain/update365b.online/ - LLM endpoint: https://phishdestroy.io/domain/update365b.online/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/update365b.online/ Last updated: 2026-03-27