# web3portledger.com — SUSPICIOUS > web3portledger.com impersonates Ledger to steal crypto funds. Flagged by 1 of 95 VirusTotal vendors, blocks from 4 security tools. ## Summary PhishDestroy identifies web3portledger.com as an active brand impersonation scam currently targeting users of Ledger hardware wallets. This domain is designed to deceive visitors into believing it is an official Ledger service, leveraging the trusted brand to trick users into entering sensitive credentials or downloading malicious software. The site is currently active and poses an elevated risk to cryptocurrency users. This domain was flagged by 1 of 95 VirusTotal vendors, indicating limited but concerning detection of its malicious nature. It is registered through Dynadot Inc and resolves to IP address 188.114.96.3. The domain was created on November 19, 2025, and has already been blocked by four security services including Polkadot, Codeesura, Enkrypt, and MetaMask. Despite its recent creation, it has gained entry to multiple blocklists and holds an SSL certificate issued by Google Trust Services, which may give users a false sense of security. Given its current status as an active and ongoing threat, users are strongly advised to avoid interacting with web3portledger.com entirely. If you have previously visited this site or entered any information, assume your credentials or system may be compromised and take immediate steps such as changing passwords, revoking API keys, and scanning your device with reputable antivirus software. Always verify URLs manually and use bookmarks for official Ledger services. Report this domain to your security provider and consider sharing this intelligence with your crypto community to prevent further victimization. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Ledger ## Domain Intelligence - Registered: 2025-11-19 21:15:58 - Registrar: Dynadot Inc - IP: 188.114.96.3 ## Detection Status - VirusTotal: 1 vendors flagged - Google Safe Browsing: clean - Blocklists: 4 hits Lists: ["Polkadot", "Codeesura", "Enkrypt", "MetaMask"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/2cdf09f5-dd11-4f23-879f-75fd200027e1 - PhishDestroy: https://phishdestroy.io/domain/web3portledger.com/ - LLM endpoint: https://phishdestroy.io/domain/web3portledger.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/web3portledger.com/ Last updated: 2026-03-22