New Registrations

MetaMask phishing domains

Newly registered lookalikes - tracked daily

MetaMask phishing domains

Newly registered lookalikes - tracked daily

Tracked (7d)
6
New (24h)
0
vs avg
Website
metamask.io
About
AICrypto wallet phishing. Pages aim to capture the 12 or 24-word seed phrase or trick users into signing malicious wallet-drain transactions.
TLDs
.com (2) · .online (1) · .finance (1)
Hosts
Hostinger International Limited (1) · Cloudflare, Inc. (1) · Amazon.com, Inc. (1)
Countries
United StatesUnited States (2) · CyprusCyprus (1)

Recently registered domains — may be used for phishing. Screenshots show parking pages while domains warm up. Use for Threat Hunting or watchlists.

Last check (UTC) First seen (UTC) URL Screenshot Flags Details
2026-05-18 00:51 2026-05-18 00:51
https://metamaskx.com
Screenshot of metamaskx.com Details
2026-05-16 00:57 2026-05-16 00:57
https://metamaskx.online
Screenshot of metamaskx.online Details
2026-05-16 00:56 2026-05-16 00:56
https://metamask.finance
Screenshot of metamask.finance Details
2026-05-15 01:06 2026-05-15 01:06
https://metamasksupportweb3.com
Screenshot of metamasksupportweb3.com Details
2026-05-15 01:06 2026-05-15 01:06
https://metamaskapp.download
Screenshot of metamaskapp.download Details
2026-05-14 01:04 2026-05-14 01:04
https://metamaskcrypto.vip
Screenshot of metamaskcrypto.vip Details

Recently registered domains — may be used for phishing. Screenshots show parking pages while domains warm up. Use for Threat Hunting or watchlists.

URL Screenshot Details
https://metamaskx.com
Screenshot of metamaskx.com Details
https://metamaskx.online
Screenshot of metamaskx.online Details
https://metamask.finance
Screenshot of metamask.finance Details
https://metamasksupportweb3.c…
Screenshot of metamasksupportweb3.com Details
https://metamaskapp.download
Screenshot of metamaskapp.download Details
https://metamaskcrypto.vip
Screenshot of metamaskcrypto.vip Details

AIHow to verify a real MetaMask URL

  • Legitimate MetaMask URLs always end in metamask.io (e.g. www.metamask.io, account.metamask.io). Anything else — including look-alike typosquats, hyphenated variations, or unfamiliar TLDs like .xyz / .top / .vip — is not MetaMask.
  • The domains listed above were registered within the last 7 days. New-domain age is itself a signal — MetaMask has owned metamask.io for years; brand-new look-alikes are almost never legitimate.
  • If you got the link from email, SMS, or social media, do not click it. Open metamask.io from your browser bookmark or type the domain manually.
  • Real MetaMask pages almost never ask for credentials immediately after clicking from a message — treat any such redirect as a phishing attempt until the domain is verified.