# vote-sanctum.app — SUSPICIOUS

> PhishDestroy identifies vote-sanctum.app as a fake voting portal spreading ballot fraud. Detected by 0/95 engines, users should avoid this Let's Encrypt site.

## Summary
PhishDestroy identifies vote-sanctum.app as a live spam-ballot phishing domain posing as a legitimate polling platform. This domain was flagged on March 12, 2026 through PDR Ltd. d/b/a PublicDomainRegistry.com and currently resolves to IP 172.67.184.226. It carries a Let’s Encrypt SSL certificate and has evaded detection by 0 out of 95 VirusTotal scanners as of this alert.  

The campaign’s goal is to harvest voter credentials and personal data under the guise of an official ballot portal. Attackers exploit the Let’s Encrypt certificate to lend false authenticity, luring users into entering sensitive information such as names, addresses, and voting preferences. The domain’s youth—created just days ago—combined with zero current detections, increases the risk of mass exposure before blocklists catch up. Timeliness and low visibility make this a fast-moving threat capable of affecting thousands before standard defenses respond.  

Users who visited or entered data at vote-sanctum.app should immediately change any reused passwords and monitor financial accounts for unusual activity. Run a full antivirus scan and consider revoking any credentials shared on the site. Report the domain to your IT team or security provider and submit it to urlVoid or PhishDestroy for further analysis. If your organization uses DNS filtering, add vote-sanctum.app to blocklists immediately to prevent further exposure.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-12 23:25:45
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- IP: 172.67.184.226

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/2d81ed95-5ee4-47d4-b9f3-1efc557ddbda
- PhishDestroy: https://phishdestroy.io/domain/vote-sanctum.app/
- LLM endpoint: https://phishdestroy.io/domain/vote-sanctum.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/vote-sanctum.app/
Last updated: 2026-03-30