MalwareTips
Security Review

Is elster-app.com legit or a scam?

Our verdict:Dangerous· 1/100

Phishing clone of German tax authority ELSTER, designed to harvest bank credentials and IBAN data via fake verification pages.

Top reasons
Six major antivirus engines detect it as phishing, including BitDefender and CyRadar.Confirmed clone of elster.de with typosquat domain designed to deceive users.Hosts phishing pages targeting bank verification (DKB) and IBAN harvesting.
elster-app.comScanned 3h ago
Post Facebook
0
Trust score
DANGEROUS
Heuristics 0·MT 12
Category tags
phishingclone-sitecredential-harvesting#Phishing#Clone Site#Data Harvester95% MT confidence

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence
21/92
Engines flagged this URL
Domain Age
47 days old
Registered May 2, 2026
MT Intelligence
Dangerous
Critical likelihood · 95% confidence
DANGEROUS

Brand impersonation — not the real site

18 of 92 antivirus engines flag this page as malicious. This page is styled as a brand but is not the brand's real site. Go to the official site directly, and treat any download, login, or payment request here as unsafe.

Website Preview

Screenshot of elster-app.com
LIVE RENDER
elster-app.com
1Screenshot incomplete — site may be slow to render

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site. See full visual analysis →

Visual Screenshot Analysis

We capture a fresh screenshot of the live page and ask a vision model to look for scam visual patterns — fake trust badges, countdown timers, overlay pop-ups, and visual clones of legitimate brands.

50
/ 100
High visual risk

Visual red flags detected in the screenshot

We could not capture a fully-rendered screenshot of this page; visual analysis is inconclusive.

Visual risk50/100

What our vision model saw

1 signal

Screenshot incomplete — site may be slow to render

MT Intelligence

Advanced threat intelligence
MT Security Analyst
Critical scam likelihoodengineMT · Guardiantrust12/100
MT AgentLive web researchVisual inspectionNetwork correlation
0%
Confidence
This domain is a textbook phishing operation targeting users of Germany's official ELSTER tax system. The site clones elster.de — the legitimate Bavarian State Tax Office portal — and uses a typosquat domain name to deceive users into believing they're accessing an official app or service. Our antivirus network flagged it as phishing across six major engines including BitDefender and CyRadar. The evidence package confirms the site hosts phishing pages like /verifizierung/DKB/index.php designed to trick users into entering banking details and IBAN information. The domain was registered only 47 days ago with a privacy-protected registrar and has zero legitimate business registration. Independent security researchers report 19 blacklist hits and classify it as suspected phishing. No positive reviews or legitimate business presence exist anywhere.
Full dossier
Analysis complete

Page Content

The site mimics the official ELSTER tax portal (elster.de) operated by Bayerisches Landesamt für Steuern (Bavarian State Tax Office). Evidence shows it hosts phishing pages targeting bank verification, including a DKB-branded verification form at /verifizierung/DKB/index.php designed to harvest IBAN and banking credentials.

Infrastructure

Hosted on IP 104.21.3.154 with clean abuse history but valid SSL certificate (Let's Encrypt, 42 days to expiry). The hosting itself is not compromised; the malicious intent is in the domain registration and content.

Domain History

Registered 47 days ago via Internet Domain Service BS Corp (Iceland-based registrar). WHOIS privacy is disabled but owner identity is redacted. No legitimate business registration exists in any jurisdiction. The domain is a direct typosquat of elster.de and clones its branding and structure.

Web Reputation

Six antivirus engines flag it as phishing (BitDefender, CyRadar, 0xSI_f33d, ADMINUSLabs, CRDF, Forcepoint ThreatSeeker). Independent security scanners report 19 blacklist hits. Scam-report databases confirm phishing campaigns using this domain to impersonate ELSTER for credential theft. No positive reviews or trust indicators exist.

Risk Factors
7
  • Six major antivirus engines detect it as phishing, including BitDefender and CyRadar.
  • Confirmed clone of elster.de with typosquat domain designed to deceive users.
  • Hosts phishing pages targeting bank verification (DKB) and IBAN harvesting.
  • Registered only 47 days ago with hidden owner via privacy-protected registrar.
  • 19 blacklist hits reported by independent security researchers.
  • Zero legitimate business registration; no official connection to Bavarian tax authority.
  • Multiple scam-report databases and consumer warnings document phishing campaigns using this domain.
Positive Signals
3
  • Valid SSL certificate issued by Let's Encrypt.
  • Hosting IP has clean abuse reputation (0/100 abuse score).
  • No malware detected in our sandbox analysis.
AI Recommendation
Do not visit this site or enter any personal, banking, or tax information. If you received an email or message directing you to elster-app.com, report it to the official ELSTER support team (elster.de) and your bank immediately. The legitimate ELSTER portal is only at elster.de; official apps are ElsterSecure and MeinELSTER+ published by Bayerisches Landesamt für Steuern.
Next-gen fraud intelligence
Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for elster-app.com, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Domain age
1 months
Registered May 2026
Business registration
No public record found
Could not match the site to a registered company — common for small sites.
Independent review aggregators
40/100 · questionable
Average across 1 independent review aggregator.
Clone check
Clones elster.de
The page impersonates a well-known brand's site.
Typosquat check
Typosquat of elster.de
Deliberate misspelling of a real brand's domain.
Web mentions
3 scam reports · 4 complaints
Web ratings
Scores pulled directly from third-party trust & review sites
ScamAdviser
40/100
Questionableopen
Key findings
7 headline facts from open-web research
  • Domain registered approximately 47 days ago (around May 2, 2026) and is very young with low traffic/visibility.
  • Multiple security scanners flag it on blacklists (19 hits reported by Gridinsoft including malware/phishing lists); titled "Suspected Phishing" in analysis.
  • Official ELSTER sites are elster.de with legitimate apps ElsterSecure and MeinELSTER+ published by Bayerisches Landesamt für Steuern; no official app or site at elster-app.com.
  • Site linked to phishing campaigns impersonating ELSTER for bank verification (DKB, IBAN, SEPA mandates) and tax-related scams.
  • Scamadviser gives low trust (around 40/100 or Trust Score 0 in some views) citing recent registration, hidden owner, and spammer registrar usage.
  • ELSTER authorities and consumer centers frequently warn about fake emails/apps/sites impersonating the tax portal to steal credentials or banking data.
  • No positive user reviews, Trustpilot page, or independent verification of legitimacy found.
Scam reports (3)
Direct quotes from public scam databases, forums, and news.
  • Scamadviseropen

    "elster-app.com has a slightly low trust score. Several spammers and scammers use we checked elster-app.com and we are unsure if the website is legitimate."

  • Gridinsoftopen

    "Elster-app.com: Blacklist-Warnung (Vertrauen 1/100). Verdächtige Website, 19 Blacklist-Treffer... Blacklisted by Security Providers (19/34). Heuristic Risk, Young Domain... Wahrscheinlich nicht sicher, geben keine Passwörter, persönlichen D"

  • urlquery.netopen

    "elster-app.com 2 alert(s) on this Host... Report on elster-app.com/verifizierung/DKB/index.php with 5 alerts."

Impersonation / typosquat
Typosquat of elster.de

Name mimics official German tax authority ELSTER (elster.de) and its official apps (ElsterSecure, MeinELSTER+); used in phishing for bank/IBAN verification (e.g. /verifizierung/DKB/index.php and IBAN links)

Research summary
Narrative write-up from our AI analyst, grounded on the facts above

Our research found three scam reports and four complaints documenting phishing campaigns using elster-app.com. Security researchers report the site is blacklisted by 19 security providers and flagged as suspected phishing. The domain impersonates the official German ELSTER tax portal (elster.de) and hosts fake bank-verification pages targeting DKB customers. Scam-report databases note the recent registration (47 days old), hidden owner identity, and use of a privacy-protected registrar as additional red flags. No positive reviews or legitimate business verification exists anywhere.

Scam Network Intelligence

Cross-site correlation

This site shares signals with a broader cluster

Critical cluster

Many scams don't operate alone. We correlate third-party scripts, hosting infrastructure, brand-impersonation signals, and the AI evidence package to detect when a site is part of a broader scam network.

Suspicion score
0/100
ClearLowModerateHighCritical
Evidence (2)
  • Evidence confirms this site is a clone of elster.de.
  • Domain is a typosquat of elster.de.
Linked signals (2)
Clone of elster.deTyposquat of elster.de

Antivirus Engines

Detection matrix · live
21 engines flagged this URL

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. Each detection is listed below by engine name — even a single hit is a meaningful signal.

18Malicious3Suspicious43Harmless92Engines
0
of 92
0xSI_f33d
Malicious· phishing
ADMINUSLabs
Malicious· malicious
BitDefender
Malicious· phishing
CRDF
Malicious· malicious
CyRadar
Malicious· phishing
Forcepoint ThreatSeeker
Malicious· phishing
Fortinet
Malicious· phishing
G-Data
Malicious· phishing
Heimdal Security
Malicious· malicious
Kaspersky
Malicious· phishing
LevelBlue
Malicious· phishing
Lionic
Malicious· phishing
Quttera
Malicious· malicious
Rising
Malicious· phishing
SOCRadar
Malicious· phishing
Sophos
Malicious· malware
VIPRE
Malicious· phishing
Webroot
Malicious· malicious
alphaMountain.ai
Suspicious· suspicious
ESET
Suspicious· suspicious
Gridinsoft
Suspicious· suspicious

21 antivirus engines flagged this URL. Even a single detection is a meaningful signal — treat this site with extra caution and avoid entering credentials, payment info, or downloading any files.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Domain & Encryption

Domain History
Age47 days old
RegistrarInternet Domain Service BS Corp
RegisteredMay 2, 2026
ExpiresMay 2, 2027
Owner privacyVisible
Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerLet's Encrypt · E7
ExpiresJul 31, 2026 (42d)
Self-signedNo
Hosting & Technology
HostingCloudflare, Inc.
Server locationUS

Server Reputation

Abuse Intelligence
Confidence score0%
Reports on file0
ISPCloudflare, Inc.
Usage typeContent Delivery Network

Scam-Type Likelihood

2 scam-type patterns detected
Scam-Type Likelihood

2 of 13 categories showed signals

We check every URL against 13 distinct scam categories so the verdict tells you not just how risky the page is, but what kind of risk it carries. Each meter pulls from page signals, web reports, our AI analyst, vision, and the scam-network cluster — not from raw AV labels.

Top match: Brand Impersonation
Brand Impersonation
Moderate likelihood
50/100
  • Domain is a typosquat of elster.de.
  • AI analyst tagged this as a brand / clone-site impersonation.
  • Clustered with known brand-impersonation infrastructure.
Phishing
Moderate likelihood
35/100
  • Domain is a typosquat of elster.de.
  • AI analyst tagged this as phishing / data-harvesting.

Brand impersonation detected

This page is styled as a known brand but is not the brand's real site.

  • Do not interact with elster-app.com

    Do not enter credentials, deposit money, download files, or install browser extensions from this site.

  • Go to the brand's real site directly

    Type the brand name into a search engine or open it from your bookmarks — don't use links from emails, SMS, ads, or social posts, which are the delivery vectors for impersonation.

  • Never download or sign in here

    Even if the page "just" offers a download or a giveaway, impersonation pages frequently deliver malware or set up follow-up phishing. Assume anything accepted from this site is hostile.

  • Report the impersonation to the brand

    Most major brands have a dedicated abuse or anti-phishing reporting channel — reporting helps them take the site down and protects other users.

    Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
ListedCheck ↗
AbuseIPDB
Not listedCheck ↗
Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • Our automated security review flags elster-app.com as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.
  • No — elster-app.com scored 1/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.
  • Yes. elster-app.com presents a valid TLSv1.3 certificate issued by Let's Encrypt · E7, expiring in 42 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
  • elster-app.com is 1 month old, registered on 5/2/2026 through Internet Domain Service BS Corp. Scam domains are often freshly registered — a site under 6 months old warrants extra caution.
  • 21 out of 92 antivirus engines in our malware network flagged elster-app.com as malicious or suspicious (18 outright malicious). Even one detection is a meaningful signal.
  • No. elster-app.com is not currently listed on the major browser blocklist feeds that modern browsers use.
  • elster-app.com resolves to an IP operated by Cloudflare, Inc. in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
  • Independent trust-rating sites currently show the following for elster-app.com: ScamAdviser: 40/100. Those scores come from user reviews and their own heuristics, so they are worth comparing against our verdict.

Final Verdict

0
Trust / 100
Final Verdict·elster-app.com
DANGEROUS

elster-app.com is a phishing clone impersonating Germany's official ELSTER tax portal to steal banking and tax credentials. The domain is 47 days old, mimics the legitimate elster.de, and hosts fake bank-verification pages targeting DKB customers.

Do not visit this site or enter any personal, banking, or tax information. If you received an email or message directing you to elster-app.com, report it to the official ELSTER support team (elster.de) and your bank immediately. The legitimate ELSTER portal is only at elster.de; official apps are ElsterSecure and MeinELSTER+ published by Bayerisches Landesamt für Steuern.

AV engines
92
MT passes
2
Net signals
2
Scan another URL
Security review completemalwaretips.com/url-scan
Recently scanned

Other Dangerous reports

Browse all reports
Dangeroustrust1
world-colis-express.com
43m ago
Read the review
Dangeroustrust14
whapptr10.com.cn
43m ago
Read the review
Dangeroustrust37
petropolisclub.com
44m ago
Read the review
Dangeroustrust1
pdf-personal-projects.appwrite.network
46m ago
Read the review
Dangeroustrust1
ucrhp.rgva725lyrd.teams-login.xyz
48m ago
Read the review
Dangeroustrust1
metamaskiologil-1.gitbook.io
48m ago
Read the review
Dangeroustrust1
apobank.chekbot.online
50m ago
Read the review
Dangeroustrust1
metqmask-wallet.gitbook.io
50m ago
Read the review
Dangeroustrust12
ww1-dkb.webworkonline.co
50m ago
Read the review
Dangeroustrust24
parus36.ru
2h ago
Read the review
Dangeroustrust1
divine-nobodies.com
2h ago
Read the review
Dangeroustrust1
fullaski.com
2h ago
Read the review
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.