MalwareTips
Security Review

Is acct.caixesp-finbk.com legit or a scam?

Our verdict:Dangerous· 1/100

A malicious phishing site impersonating CaixaBank through a typosquatted domain to harvest sensitive financial information.

Top reasons
Domain is a typosquat designed to impersonate the legitimate caixabank.com.Flagged as phishing by alphaMountain.ai and Fortinet.Identified as a clone site using stolen banking branding and marketing text.
acct.caixesp-finbk.comScanned 1h ago
Post Facebook
0
Trust score
DANGEROUS
Heuristics 0·MT 12
Category tags
phishingfinancial fraud#phishing#clone site95% MT confidence
Warning signals (1)
Domain is 7 months old

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence
3/92
Engines flagged this URL
Domain Age
7 months old
Registered Nov 10, 2025
MT Intelligence
Dangerous
Critical likelihood · 95% confidence
DANGEROUS

Brand impersonation — not the real site

2 of 92 antivirus engines flag this page. This page is styled as a brand but is not the brand's real site. Go to the official site directly, and treat any download, login, or payment request here as unsafe.

Website Preview

Screenshot of acct.caixesp-finbk.com
LIVE RENDER
acct.caixesp-finbk.com

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site.

MT Intelligence

Advanced threat intelligence
MT Security Analyst
Critical scam likelihoodengineMT · Guardiantrust12/100
MT AgentLive web researchVisual inspectionNetwork correlation
0%
Confidence
The domain is a clear typosquat of the legitimate caixabank.com, using a confusingly similar name to trick users. Our intelligence stack identified that the site content is a direct clone of real banking assets, yet it lacks any physical address, regulatory licensing, or valid contact details. Multiple security engines, including alphaMountain.ai and Fortinet, have flagged the site for phishing. The presence of a directory index showing ZIP files and cgi-bin folders is a common sign of a poorly configured phishing kit deployment. Furthermore, the site mixes contradictory banking terms, such as referencing US-based Merrill Edge while pretending to be a European 'Caixa' entity.
Full dossier
Analysis complete

Page Content

The site serves a directory index at the root, exposing internal files like 'es(1).zip', which often contains the phishing templates used to build the site. The /es/ subdirectory displays a 'Caixa Capital Group' interface that copies marketing text from various legitimate banks, including mentions of rewards and investment services that do not belong to this entity.

Infrastructure

The site is hosted on a shared IP range (185.198.59.26) alongside numerous unrelated and suspicious domains. It uses a LiteSpeed Web Server and a Let's Encrypt SSL certificate, which are frequently used by short-lived fraudulent sites to appear secure to the average user.

Domain History

Registered 221 days ago through Cosmotown, the domain has no established history or global traffic ranking. The registration data is hidden, and the name 'acct.caixesp-finbk.com' is specifically structured to look like a legitimate 'account' subdomain of a financial institution.

Web Reputation

The site has zero positive reputation and is actively flagged by our antivirus partners. It has no presence on social media, no official business listings, and no mentions in legitimate financial news, which is impossible for a real bank managing 'Capital Group' assets.
Risk Factors
7
  • Domain is a typosquat designed to impersonate the legitimate caixabank.com.
  • Flagged as phishing by alphaMountain.ai and Fortinet.
  • Identified as a clone site using stolen banking branding and marketing text.
  • No evidence of business registration or financial licensing found.
  • Exposes directory indexes and ZIP files typical of phishing kits.
  • Lacks any physical address or verifiable contact information.
  • Uses contradictory branding, mixing European banking names with US investment products.
Positive Signals
2
  • The domain has been active for over 200 days without being taken down.
  • Uses a valid SSL certificate for encrypted connections.
AI Recommendation
Avoid this website entirely and do not provide any login credentials or personal data. If you have already entered information, contact your bank immediately to secure your accounts.
Next-gen fraud intelligence
Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for acct.caixesp-finbk.com, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Domain age
7 months
Registered Nov 2025
Business registration
No public record found
Could not match the site to a registered company — common for small sites.
Clone check
Clones caixabank.com
The page impersonates a well-known brand's site.
Typosquat check
Typosquat of caixabank.com
Deliberate misspelling of a real brand's domain.
Web mentions
No scam reports found
No complaints, no negative coverage turned up in our sweep.
Key findings
7 headline facts from open-web research
  • Domain hosts a directory index at root (https://caixesp-finbk.com/) showing only cgi-bin/ and es/ subdirectories, served by LiteSpeed Web Server.
  • The /es/ subdirectory serves pages titled "Caixa Capital Group" promoting banking products such as savings accounts with interest, current accounts with rewards, auto loans, and financial planning.
  • Content includes copied or generic banking marketing text (e.g., "2% back in Rewards", "$175 when you switch", "Merrill Edge" investing) but lacks any contact details, physical address, regulatory licenses, privacy policy, or footer informa
  • The domain shares IP range 185.198.58.0/23 with hundreds of other domains, many unrelated or potentially suspicious (e.g., capital-profit.net, coingate.shop, adult sites).
  • No mentions of the domain or "caixesp-finbk.com" appear in scam reports, reviews, Reddit, news, or complaints across web searches.
  • No official registration or licensing found for "Caixa Capital Group" as a bank; real Caixa entities (CaixaBank, CGD/Caixa Capital) use caixabank.com, cgd.pt, and similar verified domains.
  • Domain age of 221 days aligns with a recently created site lacking transparency typical of legitimate financial institutions.
Impersonation / typosquat
Typosquat of caixabank.com

Domain name mimics 'Caixa' (major Spanish/Portuguese banks like CaixaBank and CGD/Caixa). Content copies generic banking product descriptions (savings accounts, current accounts, rewards, Merrill Edge references) from real banks but mixes unrelated US-style elements (Merrill Edge is Bank of America). No real contact, regulation, or legal info.

Research summary
Narrative write-up from our AI analyst, grounded on the facts above
We searched scam-report databases, consumer-review sites, and general web sources for acct.caixesp-finbk.com and didn't find specific scam reports or complaints. For a low-traffic phishing site, this is expected as these domains are often used in targeted attacks. No company registration, banking license, or official business records were found for this entity in any financial jurisdiction.

Scam Network Intelligence

Cross-site correlation

This site shares signals with a broader cluster

Critical cluster

Many scams don't operate alone. We correlate third-party scripts, hosting infrastructure, brand-impersonation signals, and the AI evidence package to detect when a site is part of a broader scam network.

Suspicion score
0/100
ClearLowModerateHighCritical
Evidence (2)
  • Evidence confirms this site is a clone of caixabank.com.
  • Domain is a typosquat of caixabank.com.
Linked signals (2)
Clone of caixabank.comTyposquat of caixabank.com

Antivirus Engines

Detection matrix · live
3 engines flagged this URL

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. Each detection is listed below by engine name — even a single hit is a meaningful signal.

2Malicious1Suspicious57Harmless92Engines
0
of 92
alphaMountain.ai
Malicious· phishing
Fortinet
Malicious· phishing
SOCRadar
Suspicious· suspicious

3 antivirus engines flagged this URL. Even a single detection is a meaningful signal — treat this site with extra caution and avoid entering credentials, payment info, or downloading any files.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found
No clear contact details on the page
Emails on site's domainNone
Phone numbers2025-11-24 14
Postal addressNot listed
Linked social profiles0
Signal Summary
Several contact red flags
  • No contact email found anywhere on the page.
  • No postal address visible on the page.
  • Phone number listed (2025-11-24 14).

Domain & Encryption

Domain History
Age7 months old
RegistrarTuringSign Inc. d/b/a Cosmotown
RegisteredNov 10, 2025
ExpiresNov 10, 2026
Owner privacyVisible
Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerLet's Encrypt · R13
ExpiresAug 24, 2026 (65d)
Self-signedNo
Hosting & Technology
HostingHost Sailor Ltd
Server locationRO
Web serverLiteSpeed

Server Reputation

Abuse Intelligence
Confidence score0%
Reports on file0
ISPHost Sailor Ltd
Usage typeData Center/Web Hosting/Transit

Scam-Type Likelihood

2 scam-type patterns detected
Scam-Type Likelihood

2 of 13 categories showed signals

We check every URL against 13 distinct scam categories so the verdict tells you not just how risky the page is, but what kind of risk it carries. Each meter pulls from page signals, web reports, our AI analyst, vision, and the scam-network cluster — not from raw AV labels.

Top match: Brand Impersonation
Brand Impersonation
Moderate likelihood
50/100
  • Domain is a typosquat of caixabank.com.
  • AI analyst tagged this as a brand / clone-site impersonation.
  • Clustered with known brand-impersonation infrastructure.
Phishing
Moderate likelihood
35/100
  • Domain is a typosquat of caixabank.com.
  • AI analyst tagged this as phishing / data-harvesting.

Brand impersonation detected

This page is styled as a known brand but is not the brand's real site.

  • Do not interact with acct.caixesp-finbk.com

    Do not enter credentials, deposit money, download files, or install browser extensions from this site.

  • Go to the brand's real site directly

    Type the brand name into a search engine or open it from your bookmarks — don't use links from emails, SMS, ads, or social posts, which are the delivery vectors for impersonation.

  • Never download or sign in here

    Even if the page "just" offers a download or a giveaway, impersonation pages frequently deliver malware or set up follow-up phishing. Assume anything accepted from this site is hostile.

  • Report the impersonation to the brand

    Most major brands have a dedicated abuse or anti-phishing reporting channel — reporting helps them take the site down and protects other users.

    Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
ListedCheck ↗
AbuseIPDB
Not listedCheck ↗
Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • Our automated security review flags acct.caixesp-finbk.com as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.
  • No — acct.caixesp-finbk.com scored 1/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.
  • Yes. acct.caixesp-finbk.com presents a valid TLSv1.3 certificate issued by Let's Encrypt · R13, expiring in 65 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
  • acct.caixesp-finbk.com is 7 months old, registered on 11/10/2025 through TuringSign Inc. d/b/a Cosmotown. Scam domains are often freshly registered — a site under 6 months old warrants extra caution.
  • 3 out of 92 antivirus engines in our malware network flagged acct.caixesp-finbk.com as malicious or suspicious (2 outright malicious). Even one detection is a meaningful signal.
  • No. acct.caixesp-finbk.com is not currently listed on the major browser blocklist feeds that modern browsers use.
  • acct.caixesp-finbk.com resolves to an IP operated by Host Sailor Ltd in RO (usage type: Data Center/Web Hosting/Transit). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
  • This is a permanent record of the scan run on June 19, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around acct.caixesp-finbk.com have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Final Verdict

0
Trust / 100
Final Verdict·acct.caixesp-finbk.com
DANGEROUS

This is a fraudulent banking site designed to impersonate CaixaBank and steal financial credentials. It uses a deceptive domain name and lacks any legitimate business registration or contact information. Do not enter any personal or banking details.

Avoid this website entirely and do not provide any login credentials or personal data. If you have already entered information, contact your bank immediately to secure your accounts.

AV engines
92
MT passes
2
Net signals
2
Scan another URL
Security review completemalwaretips.com/url-scan
Recently scanned

Other Dangerous reports

Browse all reports
Dangeroustrust8
kk-ke.top
22m ago
Read the review
Dangeroustrust8
bitly.cx
1h ago
Read the review
Dangeroustrust1
security-indexer--adamlee160686.replit.app
1h ago
Read the review
Dangeroustrust1
jbapamxtra.my
1h ago
Read the review
Dangeroustrust17
balancer-chainlink.com
2h ago
Read the review
Dangeroustrust1
asdfghjkjhgfdsaq1.vercel.app
2h ago
Read the review
Dangeroustrust19
yfibalancer.finance
2h ago
Read the review
Dangeroustrust32
msportsx.xyz
2h ago
Read the review
Dangeroustrust1
tealsmoorebag.pages.dev
2h ago
Read the review
Dangeroustrust1
ecocashquickloans.vercel.app
2h ago
Read the review
Dangeroustrust1
css-ch.blogspot.com
2h ago
Read the review
Dangeroustrust1
web-git-herman-cons-1985-responsive-web-changes-uniswap.vercel.app
2h ago
Read the review
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.