# www.adobe-ai.vip — SUSPICIOUS > PhishDestroy flags www.adobe-ai.vip as brand impersonation posing as Adobe. VirusTotal shows 0/95 detections. Do not enter credentials or download files. ## Summary PhishDestroy identifies the active domain www.adobe-ai.vip as a brand impersonation campaign designed to masquerade as Adobe’s official services. The threat actor registered the domain on March 22, 2026, through Dominet (HK) Limited, a registrar frequently abused in low-cost bulk registrations. The site resolves to IP 188.114.96.3 and currently presents a valid Let’s Encrypt SSL certificate, increasing its credibility to unsuspecting users. The domain has not yet been blocked by any major threat intelligence feeds and remains undetected by 95 VirusTotal scanners, indicating a fresh, rapidly evolving campaign that has yet to be widely recognized by security vendors. Technical indicators confirm this is a credential theft operation. The domain mimics Adobe’s branding to trick users into entering login credentials on a fraudulent login portal, likely harvesting credentials for Adobe Creative Cloud, Document Cloud, or other Adobe services. The absence of detections (0/95 on VirusTotal) and the recent domain creation date (March 22, 2026) suggest the threat actor is operating with minimal operational security, rapidly deploying new domains to evade detection. The use of a legitimate SSL certificate further lowers user suspicion, increasing the likelihood of successful credential harvesting. Based on these indicators, the risk level is classified as active and under investigation, with a high potential for credential compromise. Users who have visited www.adobe-ai.vip should immediately check their Adobe accounts for unauthorized access and enable multi-factor authentication (MFA) if not already active. Do not enter any login credentials or download files from this domain. If credentials were entered, change the password immediately and monitor the account for suspicious activity. Report the domain to Adobe’s phishing reporting channels and update browser blocklists. Users should also verify any Adobe-related links by navigating directly to adobe.com or using official Adobe apps, and avoid clicking on links from unsolicited emails or messages. Stay vigilant and treat this domain as hostile until further investigation confirms otherwise. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-22 14:39:17 - Registrar: Dominet (HK) Limited - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/133e4bd4-ad9b-40df-8aa3-e68bd97a5ed5 - PhishDestroy: https://phishdestroy.io/domain/www.adobe-ai.vip/ - LLM endpoint: https://phishdestroy.io/domain/www.adobe-ai.vip/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/www.adobe-ai.vip/ Last updated: 2026-03-22