# zoomsecure.sbs — SUSPICIOUS

> zoomsecure.sbs is actively used for credential phishing. Avoid sharing personal info and block access immediately for your safety.

## Summary
PhishDestroy identifies zoomsecure.sbs as an active credential phishing domain with a medium risk level. This classification is based on its intent to deceive users into submitting sensitive login credentials, potentially leading to unauthorized account access and data theft.

The domain zoomsecure.sbs is associated with suspicious infrastructure. It resolves to the IP address 216.198.79.1 and is registered through NameSilo, LLC. Notably, it appears on two security blocklists, reinforcing its malicious status. Despite its recent creation date of March 4, 2026, the domain is already flagged for phishing activities, indicating rapid deployment for fraudulent purposes.

Users are strongly advised to avoid interacting with zoomsecure.sbs, refrain from entering any personal information, and ensure their security software blocks this domain. Organizations should update their blocklists accordingly. PhishDestroy confirms that zoomsecure.sbs remains active and continues to pose a threat, emphasizing the importance of vigilance against evolving phishing tactics.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Target brand: Microsoft
- Page title: Get Zoom Workplace - Microsoft Store

## Domain Intelligence
- Registered: 2026-03-04 23:07:01
- Registrar: NameSilo, LLC
- Country: US
- IP: 216.198.79.1
- IP Country: US
- IP City: Walnut
- IP Org: AS16509 Amazon.com, Inc.
- Nameservers: ns1.dnsowl.com ns2.dnsowl.com ns3.dnsowl.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 4 vendors flagged
  Vendors: ["alphaMountain.ai", "Fortinet", "URLQuery", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://i.ibb.co/nqKrk68d/186b13c0e3c2.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/zoomsecure.sbs
- PhishDestroy: https://phishdestroy.io/domain/zoomsecure.sbs/
- LLM endpoint: https://phishdestroy.io/domain/zoomsecure.sbs/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/zoomsecure.sbs/
Last updated: 2026-03-19