New Registrations
MetaMask phishing domains
Newly registered lookalikes - tracked daily
MetaMask phishing domains
Newly registered lookalikes - tracked daily
Tracked (7d)
4
New (24h)
1
vs avg
—
- Countries
United States
Recently registered domains — may be used for phishing. Screenshots show parking pages while domains warm up. Use for Threat Hunting or watchlists.
| Last check (UTC) | First seen (UTC) ▾ | URL | Screenshot | Flags | Details |
|---|---|---|---|---|---|
| 2026-06-04 02:29 | 2026-06-04 02:29 |  |
Details | ||
| 2026-06-01 01:28 | 2026-06-01 01:28 |  |
Details | ||
| 2026-05-30 05:29 | 2026-05-30 05:29 |  |
Details | ||
| 2026-05-29 02:12 | 2026-05-29 02:12 |  |
Details |
Recently registered domains — may be used for phishing. Screenshots show parking pages while domains warm up. Use for Threat Hunting or watchlists.
| URL | Screenshot | Details |
|---|---|---|
| https://metamasks.xyz
|
|
Details |
| https://metamaskhelp.center
|
|
Details |
| https://metamasklab.org
|
|
Details |
| https://metamaskck.tech
|
|
Details |
AIHow to verify a real MetaMask URL
- Legitimate MetaMask URLs always end in
metamask.io(e.g.www.metamask.io,account.metamask.io). Anything else — including look-alike typosquats, hyphenated variations, or unfamiliar TLDs like.xyz/.top/.vip— is not MetaMask. - The domains listed above were registered within the last 7 days. New-domain age is itself a signal — MetaMask has owned
metamask.iofor years; brand-new look-alikes are almost never legitimate. - If you got the link from email, SMS, or social media, do not click it. Open
metamask.iofrom your browser bookmark or type the domain manually. - Real MetaMask pages almost never ask for credentials immediately after clicking from a message — treat any such redirect as a phishing attempt until the domain is verified.