New Registrations

MetaMask phishing domains

Newly registered lookalikes - tracked daily

MetaMask phishing domains

Newly registered lookalikes - tracked daily

Tracked (7d)
13
New (24h)
5
vs avg
Website
metamask.io
About
AICrypto wallet phishing. Pages aim to capture the 12 or 24-word seed phrase or trick users into signing malicious wallet-drain transactions.
TLDs
.biz (3) · .com (2) · .info (1)
Hosts
HostPapa (1) · Cloudflare, Inc. (1) · Amazon.com, Inc. (1)
Countries
United StatesUnited States (3)

Recently registered domains — may be used for phishing. Screenshots show parking pages while domains warm up. Use for Threat Hunting or watchlists.

Last check (UTC) First seen (UTC) URL Screenshot Flags Details
2026-06-24 02:09 2026-06-24 02:09
https://wallet-metamask.biz
Screenshot of wallet-metamask.biz Details
2026-06-24 01:39 2026-06-24 01:39
https://metamaskverifyweb3.com
Screenshot of metamaskverifyweb3.com Details
2026-06-24 01:39 2026-06-24 01:39
https://metamaskcare.com
Screenshot of metamaskcare.com Details
2026-06-24 01:39 2026-06-24 01:39
https://metamask-transit.biz
Screenshot of metamask-transit.biz Details
2026-06-23 01:50 2026-06-23 01:50
https://metamaskrewards.biz
Screenshot of metamaskrewards.biz Details
2026-06-20 02:26 2026-06-20 02:26
https://metamaskinvestigations.info
Screenshot of metamaskinvestigations.info Details
2026-06-19 03:01 2026-06-19 03:01
https://metamaskpro.xyz
Screenshot of metamaskpro.xyz Details
2026-06-17 01:27 2026-06-17 01:27
https://metamask.tips
Screenshot of metamask.tips Details
2026-06-17 01:27 2026-06-17 01:27
https://metamask.promo
Screenshot of metamask.promo Details
2026-06-17 01:26 2026-06-17 01:26
https://metamask.group
Screenshot of metamask.group Details
2026-06-17 01:26 2026-06-17 01:26
https://metamask.global
Screenshot of metamask.global Details
2026-06-17 01:25 2026-06-17 01:25
https://metamask.business
Screenshot of metamask.business Details
2026-06-17 01:25 2026-06-17 01:25
https://metamask.blog
Screenshot of metamask.blog Details

Recently registered domains — may be used for phishing. Screenshots show parking pages while domains warm up. Use for Threat Hunting or watchlists.

URL Screenshot Details
https://wallet-metamask.biz
Screenshot of wallet-metamask.biz Details
https://metamaskverifyweb3.com
Screenshot of metamaskverifyweb3.com Details
https://metamaskcare.com
Screenshot of metamaskcare.com Details
https://metamask-transit.biz
Screenshot of metamask-transit.biz Details
https://metamaskrewards.biz
Screenshot of metamaskrewards.biz Details
https://metamaskinvestigation…
Screenshot of metamaskinvestigations.info Details
https://metamaskpro.xyz
Screenshot of metamaskpro.xyz Details
https://metamask.tips
Screenshot of metamask.tips Details
https://metamask.promo
Screenshot of metamask.promo Details
https://metamask.group
Screenshot of metamask.group Details
https://metamask.global
Screenshot of metamask.global Details
https://metamask.business
Screenshot of metamask.business Details
https://metamask.blog
Screenshot of metamask.blog Details

AIHow to verify a real MetaMask URL

  • Legitimate MetaMask URLs always end in metamask.io (e.g. www.metamask.io, account.metamask.io). Anything else — including look-alike typosquats, hyphenated variations, or unfamiliar TLDs like .xyz / .top / .vip — is not MetaMask.
  • The domains listed above were registered within the last 7 days. New-domain age is itself a signal — MetaMask has owned metamask.io for years; brand-new look-alikes are almost never legitimate.
  • If you got the link from email, SMS, or social media, do not click it. Open metamask.io from your browser bookmark or type the domain manually.
  • Real MetaMask pages almost never ask for credentials immediately after clicking from a message — treat any such redirect as a phishing attempt until the domain is verified.