# webverssion.app — SUSPICIOUS > PhishDestroy identifies webverssion.app hosting a fake software update scam. Only 0 of 95 VirusTotal engines flagged it—Check the full report. ## Summary PhishDestroy identifies the domain webverssion.app as the infrastructure behind an active fake software update phishing campaign. The threat is currently under investigation, with no confirmed brand impersonation at this stage. The domain is live and serving malicious content designed to trick users into downloading counterfeit software updates. According to the latest telemetry, webverssion.app was flagged by 0 out of 95 VirusTotal vendors, indicating it remains undetected by most security solutions as of the time of analysis. The domain was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on March 13, 2026, and resolves to the IP address 188.114.97.3. Historical data shows no prior associations with known blocklists, and trust scores from reputable sources remain uncalculated due to its recent creation. The SSL certificate, issued by Let's Encrypt, does not correlate with any legitimate software vendor. Given the absence of vendor detections and the domain's recent registration, the risk level is classified as under investigation but active. Organizations and end-users should treat this domain with extreme caution and implement immediate defensive measures. It is strongly recommended to block all traffic to and from webverssion.app at the network perimeter and DNS level. Additionally, users should be alerted through security awareness training to avoid interacting with unsolicited software update prompts. Continuous monitoring of this domain is advised, as indicators may evolve rapidly. Security teams are encouraged to submit samples or telemetry to threat intelligence platforms for further analysis. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-13 09:16:23 - Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/2375a962-c974-4074-8347-68357453774a - PhishDestroy: https://phishdestroy.io/domain/webverssion.app/ - LLM endpoint: https://phishdestroy.io/domain/webverssion.app/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/webverssion.app/ Last updated: 2026-03-23