# uphold-io.pro — SUSPICIOUS > Beware! uphold-io.pro impersonates Uphold to steal crypto via fake login. Confirmed on VirusTotal: 0/95 detections. Verify now with PhishDestroy. ## Summary PhishDestroy identifies an active phishing campaign targeting cryptocurrency users via the deceptive domain uphold-io.pro, designed to impersonate the legitimate Uphold platform. This domain, created on March 15, 2024, was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED and resolves to IP address 188.114.96.3. Security scans via VirusTotal currently show 0 out of 95 antivirus engines flagging the domain, indicating a low detection rate among mainstream tools. The domain is equipped with a Let's Encrypt SSL certificate, which may further lend false legitimacy to the fraudulent site. Technical analysis reveals that uphold-io.pro is likely being used as a crypto drainer, a type of phishing attack where victims are tricked into connecting their cryptocurrency wallets or entering login credentials on a fake login page. The domain name closely mimics the legitimate uphold.com, exploiting user trust and typing errors. Notably, the domain's age and recent creation (March 15, 2024) suggest a hastily deployed operation, possibly targeting users during periods of high market activity or following legitimate platform communications. The hosting infrastructure, shared across a known IP block, has been observed in other low-reputation campaigns, though this specific IP shows no prior association with major crypto phishing blocks as of latest checks. Users who have visited uphold-io.pro or entered any information must immediately revoke any connected wallet permissions using tools like WalletConnect or MetaMask’s connected sites manager. If login credentials were entered, change passwords on the official Uphold platform and enable two-factor authentication (2FA). Scan connected devices for malware, as crypto drainers often deploy keyloggers or clipboard hijackers. Report the domain to PhishDestroy and block it on your network. Do not interact further with this domain or any links from unsolicited emails or messages referencing Uphold or similar services. Always verify URLs through official channels and use browser extensions that detect phishing domains in real time. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-15 15:04:27 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/69e7aae2-463a-4d9b-9e1a-35c7ce34d698 - PhishDestroy: https://phishdestroy.io/domain/uphold-io.pro/ - LLM endpoint: https://phishdestroy.io/domain/uphold-io.pro/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/uphold-io.pro/ Last updated: 2026-03-23