# www3-vpass.fpbrg.cn — MALICIOUS

> The domain www3-vpass.fpbrg.cn is linked to phishing attacks. Avoid interaction and verify official sources to protect your personal data.

## Summary
PhishDestroy identifies www3-vpass.fpbrg.cn as a high-risk phishing domain designed to deceive users by imitating legitimate VJA Group communications. Despite being taken offline, this site posed a significant threat by attempting to steal sensitive information such as login credentials.

This phishing scheme leverages a convincing Japanese maintenance notice to trick victims into believing they are interacting with the official Vpass service. The fraudulent domain, created in May 2025 and registered through a Chinese entity, was flagged on security blocklists and detected by multiple antivirus engines, signaling its malicious intent.

If users have visited this site, they should immediately change any passwords potentially exposed and monitor their accounts for suspicious activity. It is also recommended to run a comprehensive malware scan and remain cautious of unsolicited messages requesting personal information. Staying informed and vigilant helps mitigate the risks associated with such deceptive domains.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 404)
- Page title: 【重要】メンテナンスのお知らせ｜VJAグループ Vpass

## Domain Intelligence
- Registered: 2025-05-20 20:55:15
- Expires: 2026-05-20 20:55:15
- Registrar: 包头市特木鲁网络科技有限公司
- Country: CN
- IP: 172.67.159.40
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: laila.ns.cloudflare.com yevgen.ns.cloudflare.com
- SSL Issuer: Let's Encrypt / R12

## Detection Status
- VirusTotal: 17 vendors flagged
  Vendors: ["BitDefender", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "MalwareURL", "Phishing Database", "Seclookup", "SOCRadar", "Sophos", "Trustwave", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019a8782-b0c8-7318-8e32-2ce4265ca152.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/42a36ef6-4c07-4aac-8e7e-71dea0189705
- Wayback Machine: https://web.archive.org/web/https://www3-vpass.fpbrg.cn
- PhishDestroy: https://phishdestroy.io/domain/www3-vpass.fpbrg.cn/
- LLM endpoint: https://phishdestroy.io/domain/www3-vpass.fpbrg.cn/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/www3-vpass.fpbrg.cn/
Last updated: 2026-03-19