Gemini phishing domains

Newly registered lookalikes - tracked daily

Gemini phishing domains

Newly registered lookalikes - tracked daily

Website: gemini.google.com
About: AIGoogle's AI assistant accessed via the standard Google account. Phishing pages typically funnel into broader Google account takeover (Gmail, Drive, Workspace) since auth is shared with the main Google login.

Recently registered domains — may be used for phishing. Screenshots show parking pages while domains warm up. Use for Threat Hunting or watchlists.

Last check (UTC)	First seen (UTC) ▾	URL	Screenshot	Flags	Details

Recently registered domains — may be used for phishing. Screenshots show parking pages while domains warm up. Use for Threat Hunting or watchlists.

URL	Screenshot	Details

AIHow to verify a real Gemini URL

Legitimate Gemini URLs always end in gemini.google.com (e.g. www.gemini.google.com, account.gemini.google.com). Anything else — including look-alike typosquats, hyphenated variations, or unfamiliar TLDs like .xyz / .top / .vip — is not Gemini.
The domains listed above were registered within the last 7 days. New-domain age is itself a signal — Gemini has owned gemini.google.com for years; brand-new look-alikes are almost never legitimate.
If you got the link from email, SMS, or social media, do not click it. Open gemini.google.com from your browser bookmark or type the domain manually.
Real Gemini pages almost never ask for credentials immediately after clicking from a message — treat any such redirect as a phishing attempt until the domain is verified.